On Tue, 5 Feb 2002 21:22:06 -0500 Gerald Waugh <[EMAIL PROTECTED]> wrote:
> On Tuesday 05 February 2002 08:06 pm, M. Dinh wrote:
> > I'm sorry for my stupidity
> > What's wrong if you have /etc/shadow set to
> > -r--------?
> > Somebody is up to dirty tricks!!!
> it should be
> -rw-r--r--
> -rw-r--r-- 1 root root 1020 Dec 19 13:36 /etc/passwd

Don't teach people wrong things. /etc/passwd should be world-readable, /etc/shadow should not. /etc/shadow's writability for the owner in fact does not matter because it is only read and written by root, and root has read/write access to all files regardless of permission flags.

> Kind of difficult to enter a new user / password if no one can write to
> the file.

Not in this case. In some distributions, /etc/shadow has permissions 0600, but if it has 0400, there is nothing wrong. If it is readable to group or world, *this* is very wrong because it defeats the whole purpose of shadowing the passwords.

Eugene
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
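
The rule stated in the message above, written as a permission audit. This is an added example, not part of the original post; the function names and the `owner_uid` parameter are assumptions made for illustration.

```python
import os
import stat


def _mode_and_owner(path, owner_uid):
    """Return (permission bits, findings about ownership) for path."""
    st = os.stat(path)  # stat needs no read permission on the file itself
    findings = []
    if st.st_uid != owner_uid:
        findings.append(f"{path}: owner uid {st.st_uid}, expected {owner_uid}")
    return stat.S_IMODE(st.st_mode), findings


def audit_shadow(path="/etc/shadow", owner_uid=0):
    """0400 and 0600 both pass; any group or world bit is a finding."""
    mode, findings = _mode_and_owner(path, owner_uid)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(
            f"{path}: mode {mode:04o} gives group/world access to password hashes"
        )
    return findings


def audit_passwd(path="/etc/passwd", owner_uid=0):
    """Must be world-readable, must not be writable by group or world."""
    mode, findings = _mode_and_owner(path, owner_uid)
    if not mode & stat.S_IROTH:
        findings.append(f"{path}: mode {mode:04o} is not world-readable")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: mode {mode:04o} is writable by group/world")
    return findings


if __name__ == "__main__":
    for line in audit_shadow() + audit_passwd():
        print(line)
```
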
