Verify /etc/shells file permissionsID: oval:org.secpod.oval:def:95933 | Date: (C)2023-12-19 (M)2023-12-20 |
Class: COMPLIANCE | Family: unix |
/etc/shells is a text file which contains the full pathnames of valid login shells. This file is consulted by chsh and available to be queried by other programs.Rationale:It is critical to ensure that the /etc/shells file is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions.