6.2.12 Ensure all groups in /etc/passwd exist in /etc/group

Information

Over time, system administration errors and changes can lead to groups being defined in /etc/passwd but not in /etc/group .

Rationale:

Groups defined in the /etc/passwd file but not in the /etc/group file pose a threat to system security since group permissions are not properly managed.

Solution

Analyze the output of the Audit step above and perform the appropriate action to correct any discrepancies found.

See Also

https://workbench.cisecurity.org/files/2920

Item Details

Category: ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-2, 800-53|AC-2(3), 800-53|IA-4, CSCv7|16.6, CSCv7|16.7, CSCv7|16.8

Plugin: Unix

Control ID: 442e1f1bc94cc9b18441a61b93932c8a8a989099f8ba4dd393accd2a804b99e7