|
1234567891011121314151617181920212223242526272829303132333435363738 |
- # CIS 6.1.4 Ensure permissions on /etc/group are configured
- #
- # Description
- # ===========
- # The /etc/group file contains a list of all the valid groups defined in the
- # system. The command below allows read/write access for root and read access
- # for everyone else.
- #
- # Rationale
- # =========
- # The /etc/group file needs to be protected from unauthorized changes by
- # non-privileged users, but needs to be readable as this information is used
- # with many non-privileged programs.
- #
- # Audit
- # =====
- # Run the following command and verify Uid and Gid are both 0/root and
- # Access is 644 :
- #
- # # stat /etc/group
- # Access: (0644/-rw-r--r--) Uid: (0/root) Gid: (0/root)
- #
- # Remediation
- # ===========
- # Run the following command to set permissions on /etc/group :
- #
- # # chown root:root /etc/group
- # # chmod 644 /etc/group
- #
- parameters:
- linux:
- system:
- file:
- /etc/group:
- user: 'root'
- group: 'root'
- mode: '0644'
-
|