Verify Permissions on Backup shadow File

An XCCDF Rule

Details
Profiles
Prose

Description

To properly set the permissions of /etc/shadow-, run the command:

$ sudo chmod 0000 /etc/shadow-

Rationale

The /etc/shadow- file is a backup file of /etc/shadow, and as such, it contains the list of local system accounts and password hashes. Protection of this file is critical for system security.

ID: xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_shadow
Severity: Medium
References: CCI-002223

AC-6 (1)

Req-8.7.c

SRG-OS-000480-GPOS-00227

2.2.6
Updated: about 1 year ago