Skip to content

RHEL 9 must not have unauthorized accounts.

An XCCDF Rule

Description

<VulnDiscussion>Accounts providing no operational purpose provide additional opportunities for system compromise. Unnecessary accounts include user accounts for individuals not requiring access to the system and application accounts for applications not installed on the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-258058r926161_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Remove unauthorized local interactive user accounts with the following command where <unauthorized_user> is the unauthorized account:

$ sudo userdel  <unauthorized_user>