InformationSometimes when administrators delete users or groups from the system they neglect to remove all files owned by those users or groups.
A new user who is assigned the deleted user's user ID or group ID may then end up 'owning' these files, and thus have more access on the system than was intended.
SolutionLocate files that are owned by users or groups not listed in the system configuration files, and reset the ownership of these files to some active user on the system as appropriate.
This Benchmark recommendation maps to:
Red Hat Enterprise Linux 7 Security Technical Implementation Guide:
Version 2, Release: 3 Benchmark Date: 26 Apr 2019
Vul ID: V-72009
Rule ID: SV-86633r3_rule
STIG ID: RHEL-07-020330
Severity: CAT II