6.1.4 Ensure permissions on /etc/group are configured

Information

The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else.

Rationale:

The /etc/group file needs to be protected from unauthorized changes by non-privileged users, but needs to be readable as this information is used with many non-privileged programs.

Solution

Run the following command to set permissions on /etc/group :

# chown root:root /etc/group

# chmod u-x,go-wx /etc/group

See Also

https://workbench.cisecurity.org/files/3208

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(6), CSCv6|3.1, CSCv6|16.14

Plugin: Unix

Control ID: 3ab14245e5086c02ced98946900026d49896bdce3991ffac2ec51f346e1d6411