Saltstack Official Linux Formula
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.

cis-6-1-2.yml 994B

1234567891011121314151617181920212223242526272829303132333435363738
  1. # CIS 6.1.2 Ensure permissions on /etc/passwd are configured
  2. #
  3. # Description
  4. # ===========
  5. # The /etc/passwd file contains user account information that is used by
  6. # many system utilities and therefore must be readable for these utilities
  7. # to operate.
  8. #
  9. # Rationale
  10. # =========
  11. # It is critical to ensure that the /etc/passwd file is protected from
  12. # unauthorized write access. Although it is protected by default, the file
  13. # permissions could be changed either inadvertently or through malicious actions.
  14. #
  15. # Audit
  16. # =====
  17. # Run the following command and verify Uid and Gid are both 0/root and
  18. # Access is 644 :
  19. #
  20. # # stat /etc/passwd
  21. # Access: (0644/-rw-r--r--) Uid: (0/root) Gid: (0/root)
  22. #
  23. # Remediation
  24. # ===========
  25. # Run the following command to set permissions on /etc/passwd :
  26. #
  27. # # chown root:root /etc/passwd
  28. # # chmod 644 /etc/passwd
  29. #
  30. parameters:
  31. linux:
  32. system:
  33. file:
  34. /etc/passwd:
  35. user: 'root'
  36. group: 'root'
  37. mode: '0644'