6.1.5 Ensure permissions on /etc/gshadow are configured

Information

The /etc/gshadow file is used to store the information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

Rationale:

If attackers can gain read access to the /etc/gshadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/gshadow file (such as group administrators) could also be useful to subvert the group.

Solution

Run the following chown to set permissions on /etc/gshadow :
# chown root:root /etc/gshadow
# chmod 000 /etc/gshadow

See Also

https://workbench.cisecurity.org/files/2449

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5, 800-53|IA-5(1), CSCv6|3.1, CSCv7|16.4

Plugin: Unix

Control ID: fbd55f1788bfe5bae7b6db62ae63b8752b509440e4cc2697277badec828b1cba