IT Best Practices Tip: nist_V-38457

Severity: medium

Short Description

The /etc/passwd file must have mode 0644 or less permissive.

Long Description

If the "/etc/passwd" file is writable by a group-owner or the world the risk of its compromise is increased. The file contains the list of accounts on the system and associated information, and protection of this file is critical for system security.

How to Check Correct Configuration

To check the permissions of "/etc/passwd", run the command:

$ ls -l /etc/passwd

If properly configured, the output should indicate the following permissions: "-rw-r--r--"
If it does not, this is a finding.

How to Fix

To properly set the permissions of "/etc/passwd", run the command:

# chmod 0644 /etc/passwd