[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Fri, 08 Feb 2002 12:36:25 -0800
Organization: nobaloney.net
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Herby K wrote:

> -rw-rw-r--   1 root     root        38446 Feb  7 12:29 shadow
> -rw-------   1 root     root        38401 Feb  7 12:28 shadow-
> 
> these are mine, 3 times on RaQ3 with all patches done. What are now the
> correct permissions 400, 600 or other ?

Either are fine.  Here's how Cobalt sets them up on a new machine:

-r--------   1 root     root          591 Feb  9 06:26 shadow
-rw-------   1 root     root          591 Feb  9 06:26 shadow-

But I hope you didn't wait this long to affect the change.  The first
hours, sometimes minutes, after an exploitable hole is made public, are
the worst.

I actually thought about that before posting the problem and the fix,
but I noticed that some people were already talking about it; just not
realizing it's significance.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

References:
- RE: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Todd Kirk
- Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Herby K

Prev by Date: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by Date: Re: [cobalt-security] newbee question
Previous by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index