Navigate

Check: RHEL-09-232070

RHEL 9 STIG: RHEL-09-232070 (in versions v1 r3 through v1 r1)

Title

RHEL 9 /etc/gshadow- file must have mode 0000 or less permissive to prevent unauthorized access. (Cat II impact)

Discussion

The "/etc/gshadow-" file is a backup of "/etc/gshadow", and as such, contains group password hashes. Protection of this file is critical for system security.

Check Content

Verify that the "/etc/gshadow-" file has mode "0000" with the following command: $ sudo stat -c "%a %n" /etc/gshadow- 0 /etc/gshadow- If a value of "0" is not returned, this is a finding.

Fix Text

Change the mode of the file "/etc/gshadow-" to "0000" by running the following command: $ sudo chmod 0000 /etc/gshadow-

Additional Identifiers

Rule ID: SV-257894r925669_rule

Vulnerability ID: V-257894

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings