This is not the latest version of the STIG. This is provided for archival purposes. See the latest STIG.

The Oracle Linux operating system must be configured so that all Group Identifiers (GIDs) referenced in the /etc/passwd file are defined in the /etc/group file.

STIG ID: OL07-00-020300  |  SRG: SRG-OS-000104-GPOS-00051 |  Severity: low (CAT III)  |  CCI: CCI-000764 |  Vulnerability Id: V-221722

Vulnerability Discussion

If a user is assigned the GID of a group not existing on the system, and a group with the GID is subsequently created, the user may have unintended rights to any files associated with the group.

Check

Verify all GIDs referenced in the "/etc/passwd" file are defined in the "/etc/group" file.

Check that all referenced GIDs exist with the following command:

# pwck -r

If GIDs referenced in then "/etc/passwd" file are returned as not defined in the "/etc/group" file, this is a finding.

Fix

Configure the system to define all GIDs found in the "/etc/passwd" file by modifying the "/etc/group" file to add any non-existent group referenced in the "/etc/passwd" file, or change the GIDs referenced in the "/etc/passwd" file to a group that exists in "/etc/group".
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.