linux-baseline Add file system checks for other shadow and passwd/group files

Add file system checks for other shadow and passwd/group files

Open cmhe opened this issue 3 years ago • 1 comments

Is your feature request related to a problem? Please describe. We currently have os-02 and os-03 which checks the permissions of /etc/shadow and /etc/passwd.

There are other files related to those, which are currently ignored:

/etc/shadow- (backup for /etc/shadow
/etc/gshadow (might contain group password hashes)
/etc/gshadow- (backup for /etc/gshadow)
/etc/passwd- (backup for /etc/passwd)
/etc/group (contains available groups and memberships)
/etc/group- (backup for /etc/group)

Describe the solution you'd like Add checks for those files as well

Oct 25 '21 07:10 cmhe

Great idea @cmhe Happy to accept PRs to improve the controls

Oct 25 '21 07:10 chris-rock

linux-baseline linux-baseline copied to clipboard

Add file system checks for other shadow and passwd/group files

linux-baseline
linux-baseline copied to clipboard