STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The root account must be the only account having an UID of 0.

DISA Rule

SV-220078r603266_rule

Vulnerability Number

V-220078

Group Title

SRG-OS-000480

Rule Version

GEN000880

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Remove or change the UID of accounts other than root that have UID 0.

Check Contents

Check the system for duplicate UID 0 assignments by listing all accounts assigned UID 0.

Procedure:
# awk -F: '$3 == 0' /etc/passwd

If any accounts other than root are assigned UID 0, this is a finding.

Vulnerability Number

V-220078

Documentable

False

Rule Version

GEN000880

Severity Override Guidance

Check the system for duplicate UID 0 assignments by listing all accounts assigned UID 0.

Procedure:
# awk -F: '$3 == 0' /etc/passwd

If any accounts other than root are assigned UID 0, this is a finding.

Check Content Reference

M

Target Key

4061

Comments