Profile Applicability:
Level 1
Description:
The /etc/group file contains group account information used by the system for access control. Improper permissions on this file can expose group data, leading to potential security risks.
Rationale:
Securing permissions on /etc/group prevents unauthorized access or modification of group data, which is crucial for system security and user management.
Impact:
Pros:
Protects sensitive group information.
Helps maintain system integrity.
Cons:
Overly restrictive permissions may affect system utilities that need to read this file.
Default Value:
Permissions are usually set to allow read access by all users but write access only to root.
Pre-requisites:
Root or sudo privileges to audit and modify file permissions.
Remediation:
Test Plan:
Using Linux command line:
Check current permissions of /etc/group:
ls -l /etc/group
Verify ownership is root:root and permissions are set to 644.
Implementation Plan:
Using Linux command line:
Set ownership to root:
chown root:root /etc/group
Set permissions to 644:
chmod 644 /etc/group
Verify changes:
ls -l /etc/group
Backout Plan:
Using Linux command line:
Restore previous permissions and ownership from backup if necessary.
Confirm system utilities operate correctly after changes.
References:
CIS Amazon Linux 2 Benchmark v3.0.0