Verify User Who Owns Backup group File
An XCCDF Rule
Description
To properly set the owner of /etc/group-
, run the command:
$ sudo chown root /etc/group-
Rationale
The /etc/group-
file is a backup file of /etc/group
, and as such,
it contains information regarding groups that are configured on the system.
Protection of this file is important for system security.
- ID
- xccdf_org.ssgproject.content_rule_file_owner_backup_etc_group
- Severity
- Medium
- References
- Updated
Remediation - Shell Script
chown 0 /etc/group-
Remediation - Ansible
- name: Test for existence /etc/group-
stat:
path: /etc/group-
register: file_exists
tags:
- NIST-800-53-AC-6 (1)