[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Fri, 08 Feb 2002 12:30:01 -0800
Organization: nobaloney.net
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

David Lucas wrote:

> Most of have stated that we have -r--------.  I think it would be best to
> let people know just who you are talking to as there are many newbies
> here.  Our 400 setting is better than a 600 is it not?

No; it's the same, since root can write with our without specific
permission to do so.

The standard raq setup is: 

-r--------   1 root     root          591 Feb  9 06:26 shadow
-rw-------   1 root     root          591 Feb  9 06:26 shadow-

but

-rw-------   1 root     root          591 Feb  9 06:26 shadow
-rw-------   1 root     root          591 Feb  9 06:26 shadow-

would be exactly the same as a security issue.

> I think you are speaking to the people with the xxxr--r--, is that not
> correct?

That IS correct.

I'm sorry if in my rush to get the world out I wasn't clear <frown>.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

References:
- Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: David Lucas

Prev by Date: Re: [cobalt-security] /etc/shadow
Next by Date: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Previous by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by thread: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index