M. Dinh wrote: > I'm sorry for my stupidity > What's wrong if you have /etc/shadow set to > -r--------?
Erm, nothing... The entire point of /etc/shadow is that the crypted or MD5 passwords are copied out from /etc/passwd (old-fashioned, world readable) to /etc/shadow (root readable only) so that nefarious users can't copy the entire contents of your password file and then attempt to brute-force it through a dictionary checker. I'd be much, much more worried if it's world readable since then any user can view the content. Graeme -- Graeme Fowler System Administrator Host Europe Group PLC _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
