Re: Another Fedora decision

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller
<kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

>> On C5 the default appears to be:-
>>
>>       -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
>
> It is much more likely that someone has screwed up your system.  I think
> even CentOS 4 had shadow as 400.  And what on earth would the point be
> in having a world-readable shadow file?!?  The whole point of having a
> shadow file is to keep password hashes out of /etc/passwd so that people
> can't read it.  It would be nonsensical to then make the shadow file
> readable.

Yes, /etc/shadow would have always been readable only by root by
default.   The interesting question here is whether an intruder did
it, clumsily leaving evidence behind, or whether it is just a local
change from following some bad advice about things that need to be
changed - or running some script to make those changes.  The latter
seems more likely to me.

-- 
   Les Mikesell
      lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux