I agree, it was surprising to me as well. The rationale given is just this:
``` It is critical to ensure that the /etc/passwd- file is protected from unauthorized access. Although it is protected by default, the file permissions could be changed either inadvertently or through malicious actions. ``` If you are interested, you can download the guide at http://workbench.cisecurity.org (I don't recall the specific terms I clicked through when I downloaded it, but I don't think I'm allowed to post it here, even though anyone can download it directly for $0) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1923262 Title: backup /etc/passwd- file should be mode 0600 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1923262/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
