Join the Reckless Community* indicates requiredEmail Address *First Name *Last Name *
Back to CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide
Severity: Medium
<VulnDiscussion>The "/etc/gshadow" file contains group password hashes. Protection of this file is critical for system security.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Verify the ownership of the "/etc/gshadow" file with the following command: $ stat -c "%U %n" /etc/gshadow root /etc/gshadow If "/etc/gshadow" file does not have an owner of "root", this is a finding.
Change the owner of the file /etc/gshadow to root by running the following command: $ chown root /etc/gshadow