[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116370

 
 

909

 
 

90976

 
 

142

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90072-0

Platform: macosx10.9Date: (C)2015-06-11   (M)2018-03-17



Ensure Only root has the UID 0 The built in root account is disabled by default and administrator users are required to use sudo to run a process with the UID '0'. If another account with UID '0' exists, this is a sign of a network intrusion or a malicious user that is attempting to circumvent security controls.


Parameter: UID


Technical Mechanism: To list all of the accounts with a UID of '0', run this command: sudo dscl . -list /Users UniqueID | grep -w 0 | wc -l If the result is not '1', this is a finding.

References:

Resource IdReference
NISTCM-6 b
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:24696


OVAL    1
oval:org.secpod.oval:def:24696
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_X_10_9

© SecPod Technologies