Profile Applicability:
Level 1

Description:
 The /etc/passwd- file is a backup of the /etc/passwd file, which contains user account information. Improper permissions on this backup file can expose user data to unauthorized users.

Rationale:
 Securing permissions on /etc/passwd- protects sensitive user account information and reduces the risk of unauthorized access.

Impact:
 Pros:

  • Protects user account data from unauthorized access.

  • Maintains system security and integrity.

Cons:

  • Overly restrictive permissions might affect backup and restore operations.


Default Value:
 Permissions may vary by distribution but should be restrictive.

Pre-requisites:

  • Root or sudo privileges to audit and modify file permissions.

Remediation:

Test Plan:

Using Linux command line:

  1. Check current permissions of /etc/passwd-:

    ls -l /etc/passwd-
  2. Verify ownership is root:root and permissions are set to 644 or more restrictive.

Implementation Plan:

Using Linux command line:

  1. Set ownership to root:

    chown root:root /etc/passwd-
  2. Set permissions to 644:

    chmod 644 /etc/passwd-
  3. Verify changes:

    ls -l /etc/passwd-

Backout Plan:

Using Linux command line:

  1. Restore previous permissions and ownership from backup if necessary.

  2. Confirm system utilities operate correctly after changes.

References: