Re: an actual hacked machine, in a preserved state

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hello Rudi,

On Tue, 2012-01-03 at 11:14 +0200, Rudi Ahlers wrote:
> How does something like c99shell allow a local user (not root) to read
> the /etc/shadow file?

I do not vouch for every app that is written to break good security
practices. Try
$ ls -l /etc/shadow

If the tool you are using allows normal users access to /etc/shadow it
is using some sort of root privileges, either it's a suid tool (ouch) or
it needs entries in /etc/sudoers (visudo). In either case, I cannot
think of a valid reason to allow normal users access to this file.

http://tldp.org/HOWTO/Shadow-Password-HOWTO.html for more information on
shadow passwords.

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux