GEN000000-LNX001432 - The /etc/gshadow file must be group-owned by root.

Information

The /etc/gshadow file is critical to system security and must be protected from unauthorized modification. The /etc/gshadow file contains a list of system groups and hashes for group passwords.

Solution

Change the group-owner of the /etc/gshadow file to root.
# chgrp root /etc/gshadow

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, CCE|CCE-4064-2, CCI|CCI-000225, Group-ID|V-22342, Rule-ID|SV-37164r1_rule, STIG-ID|GEN000000-LNX001432, Vuln-ID|V-22342

Plugin: Unix

Control ID: 351de5dab77c031b2f74902eb14303ebb6a386c47c25a75ff2f621b3b8f5c8a4