Detections
Analytics
OL6-00-000032 - The root account must be the only account having a UID of 0.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
An account has root authority if it has a UID of 0. Multiple accounts with a UID of 0 afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner.Solution
If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or have their UID changed.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V1R17_STIG.zip
Item Details
Audit Name: DISA STIG Oracle Linux 6 v1r17
Category: ACCESS CONTROL
References: 800-53|AC-6(5), CAT|II, CCI|CCI-000366, CSCv6|5.1, Group-ID|V-50747, Rule-ID|SV-64953r2_rule, STIG-ID|OL6-00-000032, Vuln-ID|V-50747
Plugin: Unix
Control ID: 3835e9a576821eee568c628a49b54fef35b1bd0e30ec57779876934be65459ff