======6.1.3 Ensure permissions on /etc/shadow are configured (Scored)======
=====Profile Applicability=====
Level 1 - Server
Level 1 - Workstation
=====Description=====
The ''/etc/shadow'' file is used to store the information about user accounts that is critical to the security of those accounts, such as the hashed password and other security information.
=====Rationale=====
If attackers can gain read access to the ''/etc/shadow'' file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the ''/etc/shadow'' file (such as expiration) could also be useful to subvert the user accounts.
=====Audit=====
Run the following command and verify ''Uid'' is ''0/root'', ''Gid'' is ''/shadow'', and ''Access'' is ''640'' or more restrictive:
# stat /etc/shadow
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 42/ shadow)
=====Remediation=====
Run the following command to set permissions on ''/etc/shadow'':
# chown root:shadow /etc/shadow
# chmod o-rwx,g-wx /etc/shadow