13.14 Check for Duplicate UIDs

Information

Although the useradd program will not let you create a duplicate User ID (UID), it is possible for an administrator to manually edit the /etc/passwd file and change the UID field.
Users must be assigned unique UIDs for accountability and to ensure appropriate access protections.

Solution

Based on the results of the script, establish unique UIDs and review all files owned by the shared UID to determine which UID they are supposed to belong to.

See Also

https://workbench.cisecurity.org/files/91

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-4d.

Plugin: Unix

Control ID: ebcd42c0e3a98bb7a670f7598cb872399d90c2f1966e94bce80efcb7ee79b28c