Profile Applicability:
Level 1

Description:
 The /etc/group file contains group account information used by the system for access control. Improper permissions on this file can expose group data, leading to potential security risks.

Rationale:
 Securing permissions on /etc/group prevents unauthorized access or modification of group data, which is crucial for system security and user management.

Impact:
 Pros:

  • Protects sensitive group information.

  • Helps maintain system integrity.

Cons:

  • Overly restrictive permissions may affect system utilities that need to read this file.

Default Value:
 Permissions are usually set to allow read access by all users but write access only to root.

Pre-requisites:

  • Root or sudo privileges to audit and modify file permissions.

Remediation:

Test Plan:

Using Linux command line:

  1. Check current permissions of /etc/group:

    ls -l /etc/group

  2. Verify ownership is root:root and permissions are set to 644.

Implementation Plan:

Using Linux command line:

  1. Set ownership to root:

    chown root:root /etc/group

  2. Set permissions to 644:

    chmod 644 /etc/group

  3. Verify changes:

    ls -l /etc/group

Backout Plan:

Using Linux command line:

  1. Restore previous permissions and ownership from backup if necessary.

  2. Confirm system utilities operate correctly after changes.

References: