Detections
Analytics
GEN001475 - The /etc/group file must not contain any group password hashes.
Information
Group passwords are typically shared and should not be used. Additionally, if password hashes are readable by non-administrators, the passwords are subject to attack through lookup tables or cryptographic weaknesses in the hashes.Solution
Edit /etc/group and change the password field to an exclamation point (!) to lock the group password.See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5, CAT|II, CCI|CCI-000225, Rule-ID|SV-26447r1_rule, STIG-ID|GEN001475, Vuln-ID|V-22348
Plugin: Unix
Control ID: 3b77a34ae6e705165928d54310b7dcbe394a160e2365dca2469769865799c45a