GEN000000-LNX001434 - The /etc/gshadow file must not have an extended ACL.

Information

The /etc/gshadow file is critical to system security and must be protected from unauthorized modification. The /etc/gshadow file contains a list of system groups and hashes for group passwords.

Solution

Remove the extended ACL from the file.
# setfacl --remove-all /etc/gshadow

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCI|CCI-000225, Group-ID|V-22344, Rule-ID|SV-37176r1_rule, STIG-ID|GEN000000-LNX001434, Vuln-ID|V-22344

Plugin: Unix

Control ID: 4a179b576ea2dfc5a2b70eacce1021100305d4c819a364b7a22117f4dcf4af44