← Rules Catalog
lowfilesystemverified rollback-safe

Ensure permissions on /etc/shells are configured

shells-permissions · RHEL ≥ 8 · 1 impl

Description

The /etc/shells file should have appropriate permissions to prevent unauthorized modification of valid login shells.

Rationale

If /etc/shells permissions are not restrictive, unauthorized users could add malicious shells or modify the list of valid shells.

Check → Remediate

Checkfile_permission
path:
/etc/shells
mode:
0644
owner:
root
group:
root
Remediatefile_permissions
path:
/etc/shells
mode:
0644
owner:
root
group:
root

Framework references

CIS

rhel9 7.1.9rhel8 7.1.9rhel10 7.1.9

NIST 800-53

AC-3CM-6AC-6

Live verification

rhel9:check
#permissions#shells#security