6.1.5 Ensure permissions on /etc/shadow are configured (Scored)

Level 1 - Server
Level 1 - Workstation 

The /etc/gshadow file is used to store the information about groups that is critical to the security of those accounts, such as the hashed password and other security information.

If attackers can gain read access to the /etc/gshadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/gshadow file (such as group administrators) could also be useful to subvert the group.

Run the following command and verify Uid is 0/root, Gid is <gid>/shadow, and Access is 640 or more restrictive:

# stat /etc/gshadow 
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 42/ shadow)

Run the following command to set permissions on /etc/gshadow:

# chown root:shadow /etc/gshadow 
# chmod o-rwx,g-wx /etc/gshadow
  • ubuntu1604/6/1/5.txt
  • Last modified: 2017/05/04 19:54
  • by Piotr K┼éoczewski