TOC & Recently Viewed

Recently Viewed Topics

group_duplicate_members

This built-in function ensures that each member of a group is only listed once. It passes if each member is unique and fails otherwise.

Each member of a group should only be listed once. While being listed multiple times does not cause a problem to the underlying operating system, it makes the system administrator’s life more difficult as revoking privileges becomes more complex. For instance, if the group “admin” has the members “alice,bob,charles,daniel,bob” then “bob” will need to be removed twice if his privileges were to be revoked.

Ensure that each member is listed only once.

Usage

<item>

name: "group_duplicate_members"

description: "This check makes sure that every member of a group is listed once."

</item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.