#1 You have accounts other than root set up with UID 0. This is a considerable security risk. You should use su, or best of all sudo for such access
#2 This message is to inform you that the account cgi has user id 0 (root privs).This could mean that your system was compromised (OwN3D). To be safe you should verify that your system has not been compromised.
When, You get the Above Messages from your server, You should verify the server, whether you have additional root / sudo users
We can find the users, who has 0 as its UID by the below command.
Make sure, You logged in as root to execute the below command.
awk -F: '($3 == "0") {print}' /etc/passwd
You should only see root as the user with UID 0. If you see the following then all is well in this regard:
root:x:0:0:root:/root:/bin/bash
If you see any other additional user has with the UID 0
You should disabled those user & do an investigation about how this was created and what has this users did on your server.
I have been looking for this exact steps, this helped me a lot.
thanks a lot
Hey blogger, do update frequent posts. I like the details and the steps and not so nosense details which normally people done read.
This is why I spent time to write something on the blog, sure will update frequently.
Do tell me or ask me any questions, I will glad to answer it.
Thanks
Ilango