iCompaas Support

Profile Applicability:
Level 1

Description:
 The /etc/group file contains group account information used by the system for access control. Improper permissions on this file can expose group data, leading to potential security risks.

Rationale:
 Securing permissions on /etc/group prevents unauthorized access or modification of group data, which is crucial for system security and user management.

Impact:
 Pros:

• Protects sensitive group information.
  

• Helps maintain system integrity.
  

Cons:

• Overly restrictive permissions may affect system utilities that need to read this file.
  

Default Value:
 Permissions are usually set to allow read access by all users but write access only to root.

Pre-requisites:

• Root or sudo privileges to audit and modify file permissions.
  

Remediation:

Test Plan:

Using Linux command line:

1. Check current permissions of /etc/group:

   ls -l /etc/group

2. Verify ownership is root:root and permissions are set to 644.
   

Implementation Plan:

Using Linux command line:

1. Set ownership to root:

   chown root:root /etc/group

2. Set permissions to 644:

   chmod 644 /etc/group

3. Verify changes:

   ls -l /etc/group

Backout Plan:

Using Linux command line:

1. Restore previous permissions and ownership from backup if necessary.
   

2. Confirm system utilities operate correctly after changes.
   

References:

• CIS Amazon Linux 2 Benchmark v3.0.0
  

• NIST SP 800-53 Revision 5 - CM-6