[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Thu, 07 Feb 2002 19:47:21 -0800
Organization: nobaloney.net
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

After reading some posts today I looked at a lot of RaQs I maintain.

It has come to my attention that newly restored or upgraded RaQ3s and
RaQ4s could have /etc/shadow* files that are world-readable.

Check yours.  Fix it:

# chmod 600 /etc/shadow*

If you can't do it yourself, have someone do it for you.

NOW.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

Follow-Ups:
- Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: David Lucas

Prev by Date: Re: [cobalt-security] amd root?
Next by Date: Re: [cobalt-security] /etc/shadow
Previous by thread: [cobalt-security] htaccess options for disabling scripts
Next by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index