Details

The ‘/etc/gshadow’ file contains group password hashes. Protection of this file is critical for system security.

Solution

To properly set the owner of ‘/etc/gshadow’, run the command:

# chown root /etc/gshadow

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V1R18_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000366
• CSCv6|3.1
• Group-ID|V-50759
• Rule-ID|SV-208813r603263_rule
• STIG-ID|OL6-00-000036
• STIG-Legacy|SV-64965
• STIG-Legacy|V-50759
• Vuln-ID|V-208813

Source

• Tenable.com/audits