The /etc/group should be group-owned by the root group.
The /etc/group file contains information regarding groups that are configured on the system. Protection of this file is important for system security.
The /etc/gshadow should be group-owned by the root group.
The /etc/gshadow file contains group password hashes. Protection of this file is critical for system security.
The /etc/motd should be group-owned by the root group.
Display of a standardized and approved use notification before granting
access to the operating system ensures privacy and security notification
verbiage used is consistent with applicable federal laws, Executive Orders,
directives, policies, regulations, standards, and guidance.
Proper group ownership will ensure that only root user can modify the banner.
The /etc/passwd should be group-owned by the root group.
The /etc/passwd file contains information about the users that are configured on the system. Protection of this file is critical for system security.
The /etc/shadow should be group-owned by the root group.
The /etc/shadow file stores password hashes. Protection of this file is critical for system security.
The /etc/group should be owned by the root user.
The /etc/group file contains information regarding groups that are configured on the system. Protection of this file is important for system security.
The /etc/gshadow should be owned by the root user.
The /etc/gshadow file contains group password hashes. Protection of this file is critical for system security.
The /etc/motd should be owned by the root user.
Display of a standardized and approved use notification before granting
access to the operating system ensures privacy and security notification
verbiage used is consistent with applicable federal laws, Executive Orders,
directives, policies, regulations, standards, and guidance.
Proper ownership will ensure that only root user can modify the banner.
The /etc/passwd should be owned by the root user.
The /etc/passwd file contains information about the users that are configured on the system. Protection of this file is critical for system security.
The /etc/shadow should be owned by the root user.
The /etc/shadow file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information which could weaken the system security posture.
The /etc/group shall have the 0644 permission mode.
The /etc/group file contains information regarding groups that are configured on the system. Protection of this file is important for system security.
The /etc/gshadow shall have the 0000 permission mode.
The /etc/gshadow file contains group password hashes. Protection of this file is critical for system security.
The /etc/motd shall have the 0644 permission mode.
Display of a standardized and approved use notification before granting
access to the operating system ensures privacy and security notification
verbiage used is consistent with applicable federal laws, Executive Orders,
directives, policies, regulations, standards, and guidance.
Proper permissions will ensure that only root user can modify the banner.
The /etc/passwd shall have the 0644 permission mode.
If the /etc/passwd file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security.
The /etc/shadow shall have the 0000 permission mode.
The /etc/shadow file contains the list of local system accounts and stores password hashes. Protection of this file is critical for system security. Failure to give ownership of this file to root provides the designated owner with access to sensitive information which could weaken the system security posture.