OL 9 must be configured so that the root account is the only account having unrestricted access to the system.

STIG ID: OL09-00-003000  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: high |  CCI: CCI-000366 |  Vulnerability Id: V-271831

Vulnerability Discussion

An account has root authority if it has a user identifier (UID) of "0". Multiple accounts with a UID of "0" afford more opportunity for potential intruders to guess a password for a privileged account. Proper configuration of sudo is recommended to afford multiple system administrators access to root privileges in an accountable manner.

Check

Verify that OL 9 configures only the "root" account to have a UID "0" assignment with the following command:

$ awk -F: '$3 == 0 {print $1}' /etc/passwd
root

If any accounts other than "root" have a UID of "0", this is a finding.

Fix

Change the UID of any account on the system, other than root, that has a UID of "0".

If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.