-rw-rw-r-- 1 root root 38446 Feb 7 12:29 shadow -rw------- 1 root root 38401 Feb 7 12:28 shadow-
these are mine, 3 times on RaQ3 with all patches done. What are now the correct permissions 400, 600 or other ? rgds, Herby ----- Original Message ----- From: Todd Kirk To: Cobalt-Security@List. Cobalt. Com Sent: Friday, February 08, 2002 7:23 AM Subject: RE: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH >And yet this from my RAQ resellers tech support. > >"You are pretty safe with those permissions. I wouldn't worry about it." > >My permissions >-r-------- 1 root root 6675 Jan 30 11:56 shadow >-r-------- 1 root root 6614 Jan 23 10:13 shadow- > >I am left at a loss to understand 3 things - >1) Why are the above permissions dangerous >2) Should I in fact change my permissions to 0600 >3) As above, if this is dangerous why did Cobalt do it? Another point I should mention...no customer on this RAQ4R has shell access, some with FTP but they are only able to see from home/sites/www.domain.com/web on down & their personal site regards, Todd Kirk _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
