Detections
Analytics
GEN000000-LNX001434 - The /etc/gshadow file must not have an extended ACL.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
The /etc/gshadow file is critical to system security and must be protected from unauthorized modification. The /etc/gshadow file contains a list of system groups and hashes for group passwords.Solution
Remove the extended ACL from the file.# setfacl --remove-all /etc/gshadow
See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R17_STIG.zip
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-3, CAT|II, CCI|CCI-000225, Group-ID|V-22344, Rule-ID|SV-37176r1_rule, STIG-ID|GEN000000-LNX001434
Plugin: Unix
Control ID: 10dded3a72903850f74a44608acd8af0137cca6f4693c45219d02cc8300262e1