RHEL 9 must not have unauthorized accounts.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Accounts providing no operational purpose provide additional opportunities for system compromise. Unnecessary accounts include user accounts for individuals not requiring access to the system and application accounts for applications not installed on the system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-258058r991589_rule
Severity: Medium
References: CCI-000366
Updated: 17 days ago

Remove unauthorized local interactive user accounts with the following command where <unauthorized_user> is the unauthorized account:

$ sudo userdel  <unauthorized_user>

RHEL 9 must not have unauthorized accounts.

Description

Remediation - Manual Procedure