> id root
0(root) 1(other)
From CIS scanning result"it should make sure the root's gid is equal to 0", so I don't know what's the impact for that change to whole system? BTW, why is there a group named other under solaris? what does group "other" do ?
Thanks very much!
The reason for the change from other to root? If you do so, non other than root can even view the files owned by root
You shouldn't cause too much trouble. Files in the "other" group could be inaccessible, depending on permissions but none of these should be system critical anyway. Personally, I wouldn't worry about making any changes as it doesn't matter if the root account has access to the group "others" anyway - it's easy enough for root users to gain access to any system/application data in any case, so it's not a security concern.
If you're really worried, run a find across your system, looking for everything with "other" group membership and see if anything you think is important shows up.
thanks for your explanation, I have a solution that may be better,
during OS start 3 level, call passmgmt -m -g 0 root to update root's gid, BTW, we should keep the other property, so we should call 'groups root' to query all root's groups, than call usermod -G result root to append the existing group. right?
I haven't found a better way to add some user into some group yet.