STIGQter: STIG Summary: Solaris 11 SPARC Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The root account must be the only account with GID of 0.

DISA Rule

SV-216438r603267_rule

Vulnerability Number

V-216438

Group Title

SRG-OS-000480

Rule Version

SOL-11.1-070220

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

The root role is required.

Change the default GID of non-root accounts to a valid GID other than 0.

Check Contents

Identify any users with GID of 0.

# awk -F: '$4 == 0' /etc/passwd
# awk -F: '$3 == 0' /etc/group
Confirm the only account with a group id of 0 is root.

If the root account is not the only account with GID of 0, this is a finding.

Vulnerability Number

V-216438

Documentable

False

Rule Version

SOL-11.1-070220

Severity Override Guidance

Identify any users with GID of 0.

# awk -F: '$4 == 0' /etc/passwd
# awk -F: '$3 == 0' /etc/group
Confirm the only account with a group id of 0 is root.

If the root account is not the only account with GID of 0, this is a finding.

Check Content Reference

M

Target Key

4022

Comments