Profile Applicability:
Level 1
Description:
The /etc/passwd- file is a backup of the /etc/passwd file, which contains user account information. Improper permissions on this backup file can expose user data to unauthorized users.
Rationale:
Securing permissions on /etc/passwd- protects sensitive user account information and reduces the risk of unauthorized access.
Impact:
Pros:
Protects user account data from unauthorized access.
Maintains system security and integrity.
Cons:
Overly restrictive permissions might affect backup and restore operations.
Default Value:
Permissions may vary by distribution but should be restrictive.
Pre-requisites:
Root or sudo privileges to audit and modify file permissions.
Remediation:
Test Plan:
Using Linux command line:
Check current permissions of /etc/passwd-:
ls -l /etc/passwd-
Verify ownership is root:root and permissions are set to 644 or more restrictive.
Implementation Plan:
Using Linux command line:
Set ownership to root:
chown root:root /etc/passwd-
Set permissions to 644:
chmod 644 /etc/passwd-
Verify changes:
ls -l /etc/passwd-
Backout Plan:
Using Linux command line:
Restore previous permissions and ownership from backup if necessary.
Confirm system utilities operate correctly after changes.
References:
CIS Amazon Linux 2 Benchmark v3.0.0