Level 1 - Server Level 1 - Workstation
The /etc/passwd file contains user account information that is used by many system utilities and therefore must be readable for these utilities to operate.
It is critical to ensure that the /etc/passwd file is protected from unauthorized write access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.
Run the following command and verify Uid and Gid are both 0/root and Access is 644:
# stat /etc/passwd Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Run the following command to set permissions on /etc/passwd:
# chown root:root /etc/passwd # chmod 644 /etc/passwd