Navigate

Check: RHEL-06-000041

Red Hat Enterprise Linux 6 STIG: RHEL-06-000041 (in versions v2 r2 through v1 r14)

Title

The /etc/passwd file must have mode 0644 or less permissive. (Cat II impact)

Discussion

If the "/etc/passwd" file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security.

Check Content

To check the permissions of "/etc/passwd", run the command: $ ls -l /etc/passwd If properly configured, the output should indicate the following permissions: "-rw-r--r--" If it does not, this is a finding.

Fix Text

To properly set the permissions of "/etc/passwd", run the command: # chmod 0644 /etc/passwd

Additional Identifiers

Rule ID: SV-217879r603264_rule

Vulnerability ID: V-217879

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings