6.1.7 Ensure permissions on /etc/gshadow are configured

Information

The /etc/gshadow file is used to store the information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

Rationale:

If attackers can gain read access to the /etc/gshadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/gshadow file (such as group administrators) could also be useful to subvert the group.

Solution

Run the following commands to set owner, group, and permissions on /etc/gshadow :

# chown root:root /etc/gshadow
# chmod 0000 /etc/gshadow

See Also

https://workbench.cisecurity.org/files/3636