Navigate

Check: RHEL-09-232055

RHEL 9 STIG: RHEL-09-232055 (in versions v1 r3 through v1 r1)

Title

RHEL 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. (Cat II impact)

Discussion

The "/etc/group" file contains information regarding groups that are configured on the system. Protection of this file is important for system security.

Check Content

Verify that the "/etc/group" file has mode "0644" or less permissive with the following command: $ sudo stat -c "%a %n" /etc/group 644 /etc/group If a value of "0644" or less permissive is not returned, this is a finding.

Fix Text

Change the mode of the file "/etc/group" to "0644" by running the following command: $ sudo chmod 0644 /etc/group

Additional Identifiers

Rule ID: SV-257891r925660_rule

Vulnerability ID: V-257891

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings