Detections
Analytics

1.284 RHEL-09-411100

Information

The root account must be the only account having unrestricted access to RHEL 9 system.

GROUP ID: V-258059
RULE ID: SV-258059r991589

An account has root authority if it has a user identifier (UID) of "0". Multiple accounts with a UID of "0" afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner.

Solution

Change the UID of any account on the system, other than root, that has a UID of "0".

If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-258059r991589_rule, STIG-ID|RHEL-09-411100, Vuln-ID|V-258059

Plugin: Unix

Control ID: eb910f0e1053e0c64e5510687f9b9284546d2ab078464eefb8f10fde8366de8f