9.19 Check for Duplicate Group Names

Information

Although the groupadd program will not let you create a duplicate group name, it is possible for an administrator to manually modify group(4) and change the group name.

If a group is assigned a duplicate group name, it will create and have access to files with the first GID for that group in group(4). Effectively, the GID is shared, which is a security risk.

Solution

Correct or justify any items discovered in the Audit step. Determine if there are any duplicate group names, and work with their respective owners to determine the best course of action in accordance with site policy.

See Also

https://workbench.cisecurity.org/files/612

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-4d.

Plugin: Unix

Control ID: e8ceae457322641e1cfb86cb25765a33ed98964a1d84feb04dcf306996e5a482