| VID |
14106 |
| Severity |
10 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
The group which the root account belongs to is authorized to access the system operation file, so only the minimum account must be registered.
Unless the group management is performed, unauthorized general users can access the system with the administrator's authority, and malicious operation such as file modification or modification can damage the system operation.
* Affected platforms:
UNIX, Linux |
| Recommendation |
Follow the steps below to romove unnecessary account from root group
1. Open "/etc/group"
2. Romove unnecessary account from root group
(ex) Remove test account from root group
(Before) root:x:0:root,test
(After) root:x:0:root |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
