9.17 Check for Duplicate User Names

Information

Although the useradd program will not let you create a duplicate user name, it is possible
for an administrator to manually modify passwd(4) and change the user name.

If a user is assigned a duplicate user name, it will create and have access to files with the
first UID for that username in passwd(4). For example, if 'test4' has a UID of 1000 and a
subsequent 'test4' entry has a UID of 2000, logging in as 'test4' will use UID 1000.
Effectively, the UID is shared, which is a potential security problem.

Solution

Correct or justify any items discovered in the Audit step. Determine if there are any
duplicate user names, and work with their respective owners to determine the best course
of action in accordance with site policy.

See Also

https://workbench.cisecurity.org/files/616

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-4d.

Plugin: Unix

Control ID: d47fa34475b80567a1ef8e7d96be8987b1c11db627cec81511dbe8e1dd8f4694