> ->After reading some posts today I looked at a
> ->lot of RaQs I maintain.
> ->
> ->It has come to my attention that newly restored
> ->or upgraded RaQ3s and RaQ4s could have
> ->/etc/shadow* files that are world-readable.
> ->Check yours. Fix it:
> -># chmod 600 /etc/shadow*
> ->If you can't do it yourself, have someone do
> ->it for you.
>
> Luckily I don't allow shell access so those files
> can't be viewed. But this begs the question WHY on
> earth would the official Cobalt Restore CD(s) be
> setting up restored boxes with risky permissions on
> the shadow password file?

And yet this from my RaQ reseller's tech support.

"You are pretty safe with those permissions. I wouldn't worry about it."

My permissions

-r-------- 1 root root 6675 Jan 30 11:56 shadow
-r-------- 1 root root 6614 Jan 23 10:13 shadow-

I am left at a loss to understand 3 things -

1) Why are the above permissions dangerous?
2) Should I in fact change my permissions to 0600?
3) As above, if this is dangerous why did Cobalt do it?

regards,

Todd Kirk
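
A way to check the modes discussed in this thread, as an added example that is not part of the original messages: it reads the mode column that `ls -l` prints and reports whether anyone beyond the owner has access to each `/etc/shadow*` file. The function names `classify_mode` and `audit_shadow` are hypothetical; a mode of `-r--------` (0400) or `-rw-------` (0600) is reported as `owner-only`.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Classify a 10-character ls -l mode string such as "-r--------".
# Prints: world      - "other" has at least one permission bit
#         group      - group has a bit set, "other" has none
#         owner-only - only the owner has any access (e.g. 0400 or 0600)
classify_mode() {
    mode=$1
    group_bits=$(printf '%s' "$mode" | cut -c5-7)
    other_bits=$(printf '%s' "$mode" | cut -c8-10)
    if [ "$other_bits" != "---" ]; then
        echo world
    elif [ "$group_bits" != "---" ]; then
        echo group
    else
        echo owner-only
    fi
}

# Audit every file whose name starts with the given prefix
# (default /etc/shadow, matching the thread's /etc/shadow* glob).
# Prints "<verdict> <mode> <path>" per file.
# Returns 1 if any file is accessible to "other", 0 otherwise.
audit_shadow() {
    prefix=${1:-/etc/shadow}
    rc=0
    for f in "$prefix"*; do
        [ -e "$f" ] || continue
        # Keep only the first 10 characters; some systems append "." or "+".
        mode=$(ls -ld -- "$f" | cut -c1-10)
        verdict=$(classify_mode "$mode")
        echo "$verdict $mode $f"
        if [ "$verdict" = world ]; then
            rc=1
        fi
    done
    return $rc
}
```

Run `audit_shadow` as root with no argument to check the live files; a `group` verdict is printed for review but does not change the return status.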
