[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: David Lucas <david@xxxxxxxxxxxxxxxx>
Date: Thu, 07 Feb 2002 22:37:38 -0600
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

At 09:47 PM 2/7/2002, you wrote:

After reading some posts today I looked at a lot of RaQs I maintain.

It has come to my attention that newly restored or upgraded RaQ3s and
RaQ4s could have /etc/shadow* files that are world-readable.

Check yours.  Fix it:

# chmod 600 /etc/shadow*

If you can't do it yourself, have someone do it for you.

NOW.

Jeff
--

Most of have stated that we have -r--------. I think it would be best tolet people know just who you are talking to as there are many newbieshere. Our 400 setting is better than a 600 is it not?

I think you are speaking to the people with the xxxr--r--, is that notcorrect?

Follow-Ups:
- Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Jeff Lasman

References:
- [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-security] /etc/shadow
Next by Date: Re: [cobalt-security] /etc/shadow
Previous by thread: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index