Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ======6.2.3 Ensure no legacy "+" entries exist in /etc/shadow (Scored)====== =====Profile Applicability===== <code> Level 1 - Server Level 1 - Workstation </code> =====Description===== The character + in various files used to be markers for systems to insert data from NIS maps at a certain point in a system configuration file. These entries are no longer required on most systems, but may exist in files that have been imported from other platforms. =====Rationale===== These entries may provide an avenue for attackers to gain privileged access on the system. =====Audit===== Run the following command and verify that no output is returned: <Code:bash> # grep '^+:' /etc/shadow </Code> =====Remediation===== Remove any legacy '+' entries from ''/etc/shadow'' if they exist. ubuntu1604/6/2/3.txt Last modified: 2017/05/04 14:17by 127.0.0.1