6.1.5 Ensure permissions on /etc/gshadow are configured

Information

The /etc/gshadow file is used to store the information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

Rationale:

If attackers can gain read access to the /etc/gshadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/gshadow file (such as group administrators) could also be useful to subvert the group.

Solution

Run the following chown command and the chmod to set permissions on /etc/gshadow :

# chown root:root /etc/gshadow

# chmod o-rwx,g-rw /etc/gshadow

See Also

https://workbench.cisecurity.org/files/2688

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5, 800-53|IA-5(1), CSCv7|16.4

Plugin: Unix

Control ID: d9cfc6e0d37e33952be02c75bc8eae17f7efc4d1cd432d2bd703eab5e22d4d6c