[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
- Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Fri, 08 Feb 2002 12:33:40 -0800
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Todd Kirk wrote:
> And yet this from my RAQ resellers tech support.
>
> "You are pretty safe with those permissions. I wouldn't worry about it."
>
> My permissions
> -r-------- 1 root root 6675 Jan 30 11:56 shadow
> -r-------- 1 root root 6614 Jan 23 10:13 shadow-
>
> I am left at a loss to understand 3 things -
> 1) Why are the above permissions dangerous
> 2) Should I in fact change my permissions to 0600
> 3) As above, if this is dangerous why did Cobalt do it?
They're not dangerous. It was the double-layer quoting that confused a
lot of readers.
Again, I apologize for that; usually I'm good at trimming quotes.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484