======5.4.3 Ensure default group for the root account is GID 0 (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The usermod command can be used to specify which group the root user belongs to. This affects permissions of files that are created by the root user.

=====Rationale=====
Using GID 0 for the ''root'' account helps prevent root-owned files from accidentally becoming accessible to non-privileged users.

=====Audit===== 
Run the following command and verify the result is 0:
<Code:bash>
# grep "^root:" /etc/passwd | cut -f4 -d: 
0 
</Code>

=====Remediation===== 
Run the following command to set the ''root'' user default group to GID 0:
<Code:bash>
# usermod -g 0 root
</Code>