[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Subject: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Fri, 08 Feb 2002 12:33:40 -0800
Organization: nobaloney.net
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Todd Kirk wrote:

> And yet this from my RAQ resellers tech support.
> 
> "You are pretty safe with those permissions. I wouldn't worry about it."
> 
> My permissions
> -r-------- 1 root root 6675 Jan 30 11:56 shadow
> -r-------- 1 root root 6614 Jan 23 10:13 shadow-
> 
> I am left at a loss to understand 3 things -
> 1) Why are the above permissions dangerous
> 2) Should I in fact change my permissions to 0600
> 3) As above, if this is dangerous why did Cobalt do it?

They're not dangerous.  It was the double-layer quoting that confused a
lot of readers.

Again, I apologize for that; usually I'm good at trimming quotes.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

References:
- RE: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
  - From: Todd Kirk

Prev by Date: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by Date: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Previous by thread: RE: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH
Next by thread: Re: [cobalt-security] POSSIBLE MAJOR SECURITY BREACH

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index