Skip to content

Verify Permissions on Backup gshadow File

An XCCDF Rule

Description

To properly set the permissions of /etc/gshadow-, run the command:

$ sudo chmod 0000 /etc/gshadow-

Rationale

The /etc/gshadow- file is a backup of /etc/gshadow, and as such, it contains group password hashes. Protection of this file is critical for system security.

ID
xccdf_org.ssgproject.content_rule_file_permissions_backup_etc_gshadow
Severity
Medium
References
Updated



Remediation - Ansible

- name: Test for existence /etc/gshadow-
  stat:
    path: /etc/gshadow-
  register: file_exists
  tags:
  - DISA-STIG-RHEL-09-232070

Remediation - Shell Script






chmod u-xwrs,g-xwrs,o-xwrt /etc/gshadow-