Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to diff between 2 users with uid 0?
Special Forums Cybersecurity How to diff between 2 users with uid 0? Post 302784999 by MichaelFelt on Sunday 24th of March 2013 06:20:11 AM
Old 03-24-2013
You should not have more users with UID anything. This is a red flag in any security audit/control. This is 2013 - no excuses.

FYI: the commands lookup username based on userid - the number, not the name - and the first one found, whether it comes from files, ldap, nis, etc. will be the name a command lists. Only way around this would be to replace the standard system libraries with customized libraries that do lookups based on username.

Would still fail a security audit imho.

In short, these days an unacceptable situation. I recommend you make sure your users know they may be breaking the law and/or instructional compliance requirements - as there is no accountability.
If you have a security department - get their support to have this banned on company servers.
Last edited by MichaelFelt; 03-24-2013 at 07:21 AM.. Reason: read is not red - spelling correction!
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

diff 2 files; output diff's to 3rd file

Hello, I want to compare two files. All records in file 2 that are not in file 1 should be output to file 3. For example: file 1 123 1234 123456 file 2 123 2345 23456 file 3 should have 2345 23456 I have looked at diff, bdiff, cmp, comm, diff3 without any luck! (2 Replies)
Discussion started by: blt123
2 Replies

2. AIX

Locking a file when using VI to prevent multiple-edit sessions by diff users

At the office, we often have to edit one file with VI. We are 4-6 workers doing it and sometimes can be done at the same time. We have found a problem and want to prevent it with a file lock. Is it possible and how ? problem : Worker-a starts edit VI session on File-A at 1PM Worker-b... (14 Replies)
Discussion started by: Browser_ice
14 Replies

3. AIX

Finding a specific UID on a site with hundreads of users.

Hello, I am not the AIX guru.. This might seem simple for a lot but I am not sure where to start.. So here is my question: I have a unix account on a remote site. My UID is 999999. Now I need to create my account at my main site, with the same UID. So i have to make sure the UID 999999 is... (1 Reply)
Discussion started by: maxalarie
1 Replies

4. Shell Programming and Scripting

.procmailrc and uudeview (put attachments from diff senders to diff folders)

Moderator, please, delete this topic (1 Reply)
Discussion started by: optik77
1 Replies

5. OS X (Apple)

When to use /Users/m/bin instead of /usr/local/bin (& whats the diff?)?

Q1. I understand that /usr/local/bin means I can install/uninstall stuff in here and have any chance of messing up my original system files or effecting any other users. I created this directory myself. But what about the directory I didn't create, namely /Users/m/bin? How is that directory... (1 Reply)
Discussion started by: michellepace
1 Replies

6. Shell Programming and Scripting

serach diff filename in diff location using shell scripting

Hi, I am new to shell scripting. please help me to find out the solution. I need a script where we need to read the text file(consists of all file names) and get the file names one by one and append the date suffix for each file name as 'yyyymmdd' . Then search each file if exists... (1 Reply)
Discussion started by: Lucky123
1 Replies

7. Solaris

Can we create multiple users with same UID?

* Can we create multiple users with same UID? * Can we give root permissions to normal user like admin.s ? If YES give me full details (syntax of sudo/RBAC) (14 Replies)
Discussion started by: Navkreddy
14 Replies

8. UNIX for Advanced & Expert Users

How to diff between 2 users with uid 0?

Hello, I created a new user "rootNew" After creation I manually change the file /etc/passwd and gave the new user "rootNew" uid 0. Now I have 2 users with uid 0 (root,rootNew) how can I know which user is log in the system? "whoami" command return "root" for both users. Thanks, Uri No... (0 Replies)
Discussion started by: urip
0 Replies

9. Shell Programming and Scripting

Find users with root UID or GID or root home

I need to list users in /etc/passwd with root's GID or UID or /root as home directory If we have these entries in /etc/passwd root:x:0:0:root:/root:/bin/bash rootgooduser1:x:100:100::/home/gooduser1:/bin/bash baduser1:x:0:300::/home/baduser1:/bin/bash... (6 Replies)
Discussion started by: anil510
6 Replies

10. Homework & Coursework Questions

Display info about users (UID GID processes terminal)

I would like to get an opinion for my solution for this task and get feedback about better approach or mistakes I have made. 1. The problem statement, all variables and given/known data: The task is to create a script which prints information about users whose names are specified in the... (2 Replies)
Discussion started by: kornfan
2 Replies

LEARN ABOUT XFREE86

audit_user

audit_user(4)							   File Formats 						     audit_user(4)

NAME

       audit_user - per-user auditing data file

SYNOPSIS

       /etc/security/audit_user

DESCRIPTION

       audit_user  is  an  access-restricted  database that stores per-user auditing preselection data. You can use the audit_user file with other
       authorization sources, including the NIS map audit_user.byname and the NIS+ table audit_user. Programs use the getauusernam(3BSM)  routines
       to access this information.

       The  search order for multiple user audit information sources is specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). The lookup
       follows the search order for passwd(4).

       The fields for each user entry are separated by colons (:). Each user is separated from the next by a newline.  audit_user  does  not  have
       general read permission. Each entry in the audit_user file has the form:

       username:always-audit-flags:never-audit-flags

       The fields are defined as follows:

       username 	       User's login name.

       always-audit-flags      Flags specifying event classes to always audit.

       never-audit-flags       Flags specifying event classes to never audit.

       For a complete description of the audit flags and how to combine them, see audit_control(4).

EXAMPLES

       Example 1: Using the audit_user File

       other:lo,am:io,cl
       fred:lo,ex,+fc,-fr,-fa:io,cl
       ethyl:lo,ex,nt:io,cl

FILES

       /etc/nsswitch.conf

       /etc/passwd

       /etc/security/audit_user

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     | See below		   |
       +-----------------------------+-----------------------------+

       The file format stability is evolving. The file content is unstable.

SEE ALSO

       bsmconv(1M), getauusernam(3BSM), audit_control(4), nsswitch.conf(4), passwd(4)

NOTES

       This functionality is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for more information.

SunOS 5.10							    2 Jan 2003							     audit_user(4)
All times are GMT -4. The time now is 04:06 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy