Ensure permission on /etc/passwd- is configuredID: oval:org.secpod.oval:def:68698 | Date: (C)2021-01-31 (M)2023-12-20 |
Class: COMPLIANCE | Family: unix |
The /etc/passwd file contains user account information that is used by many system utilities and therefore must be readable for these utilities to operate.
Rationale:
It is critical to ensure that the /etc/passwd file is protected from unauthorized write access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.