The SUSE operating system root account must be the only account having unrestricted access to the system.

An XCCDF Rule

Details
Profiles

Description

If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire SUSE operating system. Multiple accounts with a UID of "0" afford an opportunity for potential intruders to guess a password for a privileged account.

ID: SV-217164r991589_rule
Version: SLES-12-010650
Severity: High
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Change the UID of any account on the SUSE operating system, other than the root account, that has a UID of "0". 

If the account is associated with system commands or applications, the UID should be changed to one greater than "0" but less than "1000". Otherwise, assign a UID of greater than "1000" that has not already been assigned.

The SUSE operating system root account must be the only account having unrestricted access to the system.

Description

Remediation Templates

A Manual Procedure