Details

The ‘/etc/passwd’ file contains information about the users that are configured on the system. Protection of this file is critical for system security.

Solution

To properly set the owner of ‘/etc/passwd’, run the command:

# chown root /etc/passwd

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V1R18_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000366
• CSCv6|3.1
• Group-ID|V-50769
• Rule-ID|SV-208816r603263_rule
• STIG-ID|OL6-00-000039
• STIG-Legacy|SV-64975
• STIG-Legacy|V-50769
• Vuln-ID|V-208816

Source

• Tenable.com/audits