security-fixes

made /etc/passwd root-group writable for multi-tenant solutions that require random UID & added additional protections for /etc/passwd and su/sudo given addition of sudo; replaced installation of rubygem-rake 12.3.2 rpm with 12.3.3 gem installation because of security finding