6.2.3 Ensure all groups in /etc/passwd exist in /etc/group - GIDs referenced in the /etc/passwd file are defined in the /etc/group file.

Information

Over time, system administration errors and changes can lead to groups being defined in /etc/passwd but not in /etc/group .

Rationale:

Groups defined in the /etc/passwd file but not in the /etc/group file pose a threat to system security since group permissions are not properly managed.

Solution

Analyze the output of the Audit step above and perform the appropriate action to correct any discrepancies found.

See Also

https://workbench.cisecurity.org/files/3636

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2, CCI|CCI-000764, CSCv7|16, Rule-ID|SV-204461r603261_rule, STIG-ID|RHEL-07-020300

Plugin: Unix

Control ID: efdeeed39db2cc05325dd5f66d27d26d4f3e3782d78b2c41d1a4ecec94709ed1