TOC & Recently Viewed

Recently Viewed Topics

passwd_duplicate_username

This built-in function ensures that each username in /etc/passwd is unique. It succeeds if that is the case and fails otherwise.

Duplicate user names in /etc/passwd create problems since it is unclear which account’s privileges are being used.

The adduser command will not let you create a duplicate username. Such a setup typically means that the system has been compromised, tools to handle user management are buggy or the /etc/passwd file was manually edited.

Delete duplicate usernames or modify them to be different.

Usage

<item>

name: "passwd_duplicate_username"

description: "This check makes sure that every username in /etc/passwd is unique."

</item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.