Level 1 - Server Level 1 - Workstation
Although the useradd
program will not let you create a duplicate User ID (UID), it is possible for an administrator to manually edit the /etc/passwd
file and change the UID field.
Users must be assigned unique UIDs for accountability and to ensure appropriate access protections.
Run the following script and verify no results are returned:
#!/bin/bash cat /etc/passwd | cut -f3 -d":" | sort -n | uniq -c | while read x ; do [ -z "${x}" ] && break set - $x if [ $1 -gt 1 ]; then users=`awk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd | xargs` echo "Duplicate UID ($2): ${users}" fi done
Based on the results of the audit script, establish unique UIDs and review all files owned by the shared UIDs to determine which UID they are supposed to belong to.