9.18 Check for Duplicate User Names

Information

Although the useradd program will not let you create a duplicate user name, it is possible for an administrator to manually modify passwd(4) and change the user name.

If a user is assigned a duplicate user name, it will create and have access to files with the first UID for that username in passwd(4). For example, if "test4" has a UID of 1000 and a subsequent "test4" entry has a UID of 2000, logging in as "test4" will use UID 1000.

Effectively, the UID is shared, which is a potential security problem.

Solution

Correct or justify any items discovered in the Audit step. Determine if there are any duplicate user names, and work with their respective owners to determine the best course of action in accordance with site policy.

See Also

https://workbench.cisecurity.org/files/612

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-4d.

Plugin: Unix

Control ID: 3ebd164beb70ec140e2d7f81d4d2dbcd6e9f1a169bb062942614bcaedbd0fc4f