Ensure a separate user and group exist for Cassandra – passwd

Details

Create separate userid and group for Cassandra.

Rationale:

All processes need to run as a user with least privilege. This mitigates the potential impact of malware to the system.

Solution

Create a group for cassandra(if it does not already exist)

sudo groupadd cassandra

Create a user which is only used for running Cassandra and its related processes.

sudo useradd -m -d /home/cassandra -s /bin/bash -g cassandra -u cassandra

Replacing with a number not already used on the server

References:

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/2309

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-2
CSCv6|5.1
CSCv7|4

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles