On 6 February 2015 at 10:23, Always Learning <centos@xxxxxxxxxxx> wrote: > Logically ? > > 1. to change the permissions on shadow from -rw-x------ or from > ---------- to -rw-r--r-- requires root permissions ? > > 2. if so, then what is the advantage of changing those permissions when > the entity possessing root authority can already read shadow - that > entity requires neither group nor user permissions to read shadow. The concept in play here is privilege escalation. An exploit may not give you all that root can do, but may be limited to, say, tricking the system to change file permission. >From there an attacker could use that and other exploits to escalate privileges. K _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Another Fedora decision
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Another Fedora decision
- From: Kahlil Hodgson <kahlil.hodgson@xxxxxxxxxxxxxx>
- Date: Fri, 6 Feb 2015 10:50:30 +1100
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <1423178584.4715.115.camel@m6>
- Follow-Ups:
- Re: Another Fedora decision
- From: Nicolas Thierry-Mieg
- Re: Another Fedora decision
- From: Always Learning
- Re: Another Fedora decision
- References:
- Re: Another Fedora decision
- From: Lamar Owen
- Re: Another Fedora decision
- From: Lamar Owen
- Re: Another Fedora decision
- From: Warren Young
- Re: Another Fedora decision
- From: Always Learning
- Re: Another Fedora decision
- From: Keith Keller
- Re: Another Fedora decision
- From: Les Mikesell
- Re: Another Fedora decision
- From: Valeri Galtsev
- Re: Another Fedora decision
- From: Always Learning
- Re: Another Fedora decision
- Prev by Date: Re: Another Fedora decision
- Next by Date: Another Fedora decision
- Previous by thread: Re: Another Fedora decision
- Next by thread: Re: Another Fedora decision
- Index(es):
 |