Ensure there are no legacy + NIS entries in /etc/group

An XCCDF Rule

Details
Profiles
Prose

Description

The + character in /etc/group file marks a place where entries from a network information service (NIS) should be directly inserted.

Rationale

Using this method to include entries into /etc/group is considered legacy and should be avoided. These entries may provide a way for an attacker to gain access to the system.

ID: xccdf_org.ssgproject.content_rule_no_legacy_plus_entries_etc_group
Severity: Medium
Updated: about 1 year ago