Verify Permissions on Files with Local Account Information and Credentials

An XCCDF Group

Details
Profiles
Prose

Description

The default restrictive permissions for files which act as important security databases such as passwd, shadow, group, and gshadow files must be maintained. Many utilities need read access to the passwd file in order to function properly, but read access to the shadow file allows malicious attacks against system passwords, and should never be enabled.

ID: xccdf_org.ssgproject.content_group_permissions_important_account_files
Child Items: 24
Updated: over 1 year ago