Ensure permissions on /etc/gshadow are configured - permissions

Information

If attackers can gain read access to the /etc/gshadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/gshadow file (such as group administrators) could also be useful to subvert the group.

Solution

Run the one of the following chown commands as appropriate and the chmod to set permissions on /etc/gshadow:
# chown root:root /etc/gshadow
# chown root:shadow /etc/gshadow
# chmod o-rwx,g-rw /etc/gshadow

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(6), CSCv6|16.14

Plugin: Unix

Control ID: eaa9ebbeb91b8b97e7ab5e560cc02004c47016ae3f72f32a57acc31f1a9f66d9