group_nonexistent_users

This check ensures that each member of a group actually exists in /etc/passwd.

Having non-existent users in /etc/group implies incomplete administration practices. The user does not exist either because it has been mistyped or because it has not been removed from the group when the user has been removed from the system.

It is not recommended to have “ghost” users stay in /etc/group. If a user with the same username where to be added at a later time, the user may have group privileges that should not be granted.

Remove non-existent users from /etc/group.

Usage

<item>

name: "group_nonexistant_users"

description: "This check makes sure that every member of a group actually exists."

</item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.