{"description": "The default restrictive permissions for files which act as\nimportant security databases such as <tt>passwd</tt>, <tt>shadow</tt>,\n<tt>group</tt>, and <tt>gshadow</tt> files must be maintained.  Many utilities\nneed read access to the <tt>passwd</tt> file in order to function properly, but\nread access to the <tt>shadow</tt> file allows malicious attacks against system\npasswords, and should never be enabled.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": ["file_etc_security_opasswd", "file_groupowner_backup_etc_group", "file_groupowner_backup_etc_gshadow", "file_groupowner_backup_etc_passwd", "file_groupowner_backup_etc_shadow", "file_groupowner_etc_group", "file_groupowner_etc_gshadow", "file_groupowner_etc_passwd", "file_groupowner_etc_security_opasswd", "file_groupowner_etc_security_opasswd_old", "file_groupowner_etc_shadow", "file_groupowner_etc_shells", "file_owner_backup_etc_group", "file_owner_backup_etc_gshadow", "file_owner_backup_etc_passwd", "file_owner_backup_etc_shadow", "file_owner_etc_group", "file_owner_etc_gshadow", "file_owner_etc_passwd", "file_owner_etc_security_opasswd", "file_owner_etc_security_opasswd_old", "file_owner_etc_shadow", "file_owner_etc_shells", "file_permissions_backup_etc_group", "file_permissions_backup_etc_gshadow", "file_permissions_backup_etc_passwd", "file_permissions_backup_etc_shadow", "file_permissions_etc_group", "file_permissions_etc_gshadow", "file_permissions_etc_passwd", "file_permissions_etc_security_opasswd", "file_permissions_etc_security_opasswd_old", "file_permissions_etc_shadow", "file_permissions_etc_shells"], "platform": "", "platforms": [], "inherited_platforms": [], "cpe_platform_names": [], "title": "Verify Permissions on Files with Local Account Information and Credentials", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/permissions_important_account_files/group.yml"}