12.4 Verify User/Group Ownership on /etc/passwd

Information

The /etc/passwd file contains a list of all the valid userIDs defined in the system, but not the passwords. The command below sets the owner and group of the file to root.
The /etc/passwd file needs to be protected from unauthorized changes by non-priliveged users, but needs to be readable as this information is used with many non-privileged programs.

Solution

If the user and group ownership of the /etc/passwd file are incorrect, run the following command to correct them: # /bin/chown root:root /etc/passwd

See Also

https://workbench.cisecurity.org/files/91

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(6), CSCv6|3.1

Plugin: Unix

Control ID: 49eed6bddebf0e4cfdba4dff52f9b022024a8a81555133bb82a10c80f66676eb