| # CIS 6.1.5 Ensure permissions on /etc/gshadow are configured |
| # |
| # Description |
| # =========== |
| # The /etc/gshadow file is used to store the information about groups that |
| # is critical to the security of those accounts, such as the hashed password |
| # and other security information. |
| # |
| # Rationale |
| # ========= |
| # If attackers can gain read access to the /etc/gshadow file, they can easily |
| # run a password cracking program against the hashed password to break it. |
| # Other security information that is stored in the /etc/gshadow file (such as |
| # group administrators) could also be useful to subvert the group. |
| # |
| # Audit |
| # ===== |
| # Run the following command and verify verify Uid is 0/root , |
| # Gid is <gid>/shadow , and Access is 640 or more restrictive: |
| # |
| # # stat /etc/gshadow |
| # Access: (0640/-rw-r-----) Uid: (0/root) Gid: (42/shadow) |
| # |
| # Remediation |
| # =========== |
| # Run the following commands to set permissions on /etc/gshadow : |
| # |
| # # chown root:shadow /etc/gshadow |
| # # chmod o-rwx,g-rw /etc/gshadow |
| # |
| parameters: |
| linux: |
| system: |
| file: |
| /etc/gshadow: |
| user: 'root' |
| group: 'shadow' |
| mode: '0640' |
| |