Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======6.2.5 Ensure root is the only UID 0 account (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== Any account with UID 0 has superuser privileges on the system. =====Rationale===== This access must be limited to only the default root account and only from the system console. Administrative access must be through an unprivileged account using an approved mechanism as noted in Item 5.6 Ensure access to the su command is restricted. =====Audit===== Run the following command and verify that only "root" is returned: <Code:bash> # cat /etc/passwd | awk -F: '($3 == 0) { print $1 }' root </Code> =====Remediation===== Remove any users other than ''root'' with UID ''0'' or assign them a new UID if appropriate. ubuntu1604/6/2/5.txt Last modified: 2017/05/04 14:23by Piotr Kłoczewski