Description

If any group other than root has a GID of 0, this misconfiguration should be investigated and the groups other than root should be removed or have their GID changed.

Rationale

Ensuring that only the root group has a GID of 0 helps prevent root group owned files from becoming accidentally accessible to non-privileged users.

Warning

This rule doesn’t come with a remediation. The removal of groups from a system or reassigning the GID is considered too disruptive.