
RE: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH



> ->After reading some posts today I looked at a 
> ->lot of RaQs I maintain.
> ->
> ->It has come to my attention that newly restored 
> ->or upgraded RaQ3s and RaQ4s could have 
> ->/etc/shadow* files that are world-readable.
> ->Check yours.  Fix it:
> -># chmod 600 /etc/shadow*
> ->If you can't do it yourself, have someone do 
> ->it for you.
> 
> Luckily I don't allow shell access so those files
> can't be viewed. But this begs the question WHY on
> earth would the official Cobalt Restore CD(s) be
> setting up restored boxes with risky permissions on
> the shadow password file?


And yet this from my RaQ reseller's tech support.

"You are pretty safe with those permissions. I wouldn't worry about it."

My permissions
-r-------- 1 root root 6675 Jan 30 11:56 shadow
-r-------- 1 root root 6614 Jan 23 10:13 shadow-

I am left at a loss to understand 3 things -
1) Why are the above permissions dangerous?
2) Should I in fact change my permissions to 0600?
3) As above, if this is dangerous why did Cobalt do it?
 
regards,
 
Todd Kirk
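
An added example, not part of the original message or of any Cobalt tooling: a POSIX shell check for the condition discussed in this thread, reporting whether each shadow* file is accessible to anyone beyond its owner. It assumes GNU stat (Linux); the function names and the scratch-directory demo files are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which shadow* files are readable beyond their owner.
# Assumes GNU stat (Linux); function names are this example's own.

# classify_mode OCTAL_MODE -> owner-only | group-access | world-access
classify_mode() {
    m=$((0$1))                      # leading 0 makes the shell read it as octal
    if [ $((m & 007)) -ne 0 ]; then
        echo world-access           # any "other" bit: every local user can reach it
    elif [ $((m & 070)) -ne 0 ]; then
        echo group-access           # review: some distros use a dedicated group here
    else
        echo owner-only             # 0400 and 0600 both land here
    fi
}

# audit_shadow_files [DIR] -> one line per file; returns non-zero if any file
# is accessible to group or other.
audit_shadow_files() {
    dir=${1:-/etc}
    bad=0
    for f in "$dir"/shadow*; do
        [ -e "$f" ] || continue
        info=$(stat -c '%a %U:%G' "$f") || continue
        mode=${info%% *}
        owner=${info#* }
        verdict=$(classify_mode "$mode")
        printf '%-28s %4s %-14s %s\n' "$f" "$mode" "$owner" "$verdict"
        [ "$verdict" = owner-only ] || bad=$((bad + 1))
    done
    [ "$bad" -eq 0 ]
}

# Constructed demo: stand-in files in a scratch directory, not the real /etc.
demo=$(mktemp -d)
touch "$demo/shadow" "$demo/shadow-"
chmod 644 "$demo/shadow"            # the world-readable case from the thread
chmod 400 "$demo/shadow-"           # the -r-------- case from the thread
audit_shadow_files "$demo" || echo "flagged files found; fix with: chmod 600 $demo/shadow*"
rm -rf "$demo"
```

On a real host, run `audit_shadow_files /etc` as root; stat only needs the file's metadata, so the check itself never reads the password hashes.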