======6.1.9 Ensure permissions on /etc/gshadow- are configured (Scored)======
=====Profile Applicability=====  
<code>
Level 1 - Server
Level 1 - Workstation 
</code>

=====Description=====
The ''/etc/gshadow-'' file is used to store backup information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

=====Rationale=====
It is critical to ensure that the ''/etc/gshadow-'' file is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.

=====Audit===== 
Run the following command and verify ''Uid'' and ''Gid'' are both ''0/root'' and ''Access'' is ''600'':
<Code:bash>
# stat /etc/gshadow- 
Access: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ root)
</Code>
=====Remediation===== 
Run the following command to set permissions on ''/etc/gshadow-'':
<Code:bash>
# chown root:root /etc/gshadow-
# chmod 600 /etc/gshadow-
</Code>