Saltstack Official Linux Formula
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.

cis-6-1-8.yml 940B

12345678910111213141516171819202122232425262728293031323334353637
  1. # CIS 6.1.8 Ensure permissions on /etc/group- are configured
  2. #
  3. # Description
  4. # ===========
  5. # The /etc/group- file contains a backup list of all the valid groups defined
  6. # in the system.
  7. #
  8. # Rationale
  9. # =========
  10. # It is critical to ensure that the /etc/group- file is protected from
  11. # unauthorized access. Although it is protected by default, the file
  12. # permissions could be changed either inadvertently or through malicious actions.
  13. #
  14. # Audit
  15. # =====
  16. # Run the following command and verify Uid and Gid are both 0/root and
  17. # Access is 600 or more restrictive:
  18. #
  19. # # stat /etc/group-
  20. # Access: (0600/-rw-------) Uid: (0/root) Gid: (0/root)
  21. #
  22. # Remediation
  23. # ===========
  24. # Run the following command to set permissions on /etc/group- :
  25. #
  26. # # chown root:root /etc/group-
  27. # # chmod 600 /etc/group-
  28. #
  29. parameters:
  30. linux:
  31. system:
  32. file:
  33. /etc/group-:
  34. user: 'root'
  35. group: 'root'
  36. mode: '0600'