Check: OL6-00-000041
Oracle Linux 6 STIG:
OL6-00-000041
(in versions v2 r7 through v1 r9)
Title
The /etc/passwd file must have mode 0644 or less permissive. (Cat II impact)
Discussion
If the "/etc/passwd" file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security.
Check Content
To check the permissions of "/etc/passwd", run the command: $ ls -l /etc/passwd If properly configured, the output should indicate the following permissions: "-rw-r--r--" If it does not, this is a finding.
Fix Text
To properly set the permissions of "/etc/passwd", run the command: # chmod 0644 /etc/passwd
Additional Identifiers
Rule ID: SV-208818r793603_rule
Vulnerability ID: V-208818
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |