Verify Permissions and Ownership of Old Passwords File
An XCCDF Rule
Description
To properly set the owner of /etc/security/opasswd, run the command:
$ sudo chown root /etc/security/opasswdTo properly set the group owner of
/etc/security/opasswd, run the command: $ sudo chgrp root /etc/security/opasswdTo properly set the permissions of
/etc/security/opasswd, run the command: $ sudo chmod 0600 /etc/security/opasswd
Rationale
The /etc/security/opasswd file stores old passwords to prevent
password reuse. Protection of this file is critical for system security.
- ID
- xccdf_org.ssgproject.content_rule_file_etc_security_opasswd
- Severity
- Medium
- References
- Updated