Table of Contents

6.1.6 Ensure permissions on /etc/passwd- are configured (Scored)

Profile Applicability

Level 1 - Server
Level 1 - Workstation 

Description

The /etc/passwd- file contains backup user account information.

Rationale

It is critical to ensure that the /etc/passwd- file is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.

Audit

Run the following command and verify Uid and Gid are both 0/root and Access is 600:

# stat /etc/passwd- 
Access: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ root)

Remediation

Run the following command to set permissions on /etc/passwd-:

# chown root:root /etc/passwd- 
# chmod 600 /etc/passwd-