OL08-00-040200 - The root account must be the only account having unrestricted access to the OL 8 system.

Information

If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.

Solution

Change the UID of any account on the system, other than root, that has a UID of "0".

If the account is associated with system commands or applications, change the UID to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_8_V2R4_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Rule-ID|SV-248874r991589_rule, STIG-ID|OL08-00-040200, Vuln-ID|V-248874

Plugin: Unix

Control ID: 84409dbcecea900519fa52a1dea396ffbdf3400bf0cfb274b20945d5583be5bf