OL07-00-020300 - The Oracle Linux operating system must be configured so that all Group Identifiers (GIDs) referenced in the /etc/passwd file are defined in the /etc/group file - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.

Information

If a user is assigned the GID of a group not existing on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.

Solution

Configure the system to define all GIDs found in the '/etc/passwd' file by modifying the '/etc/group' file to add any non-existent group referenced in the '/etc/passwd' file, or change the GIDs referenced in the '/etc/passwd' file to a group that exists in '/etc/group'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_7_V2R14_STIG.zip

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2, CAT|III, CCI|CCI-000764, Rule-ID|SV-221722r603260_rule, STIG-ID|OL07-00-020300, STIG-Legacy|SV-108285, STIG-Legacy|V-99181, Vuln-ID|V-221722

Plugin: Unix

Control ID: 3f10cbf0a3f032ef5588a1a0dcc4f85a30d75fef940fb0f85b3df6e537bd6aed