TOC & Recently Viewed

Recently Viewed Topics

passwd_duplicate_username

This built-in function ensures that each username in /etc/passwd is unique. It succeeds if that is the case and fails otherwise.

Duplicate user names in /etc/passwd create problems since it is unclear which account’s privileges are being used.

The adduser command will not let you create a duplicate username. Such a setup typically means that the system has been compromised, tools to handle user management are buggy or the /etc/passwd file was manually edited.

Delete duplicate usernames or modify them to be different.

Usage

<item>

name: "passwd_duplicate_username"

description: "This check makes sure that every username in /etc/passwd is unique."

</item>

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.