Skip to content

Verify User Who Owns shadow File

An XCCDF Rule

Description

To properly set the owner of /etc/shadow, run the command:

$ sudo chown root /etc/shadow 

Rationale

The /etc/shadow file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information which could weaken the system security posture.

ID
xccdf_org.ssgproject.content_rule_file_owner_etc_shadow
Severity
Medium
References
Updated



Remediation - Ansible

- name: Test for existence /etc/shadow
  stat:
    path: /etc/shadow
  register: file_exists
  tags:
  - CCE-83259-2

Remediation - Shell Script

chown 0 /etc/shadow