6.1.2 Ensure permissions on /etc/passwd- are configured
Information
The /etc/passwd- file contains backup user account information. It is critical to ensure that the /etc/passwd- file is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.
Solution
Run the following commands to remove excess permissions, set owner, and set group on /etc/passwd- : # chmod u-x,go-wx /etc/passwd- # chown root:root /etc/passwd-