[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]

Subject: RE: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]
From: "Gary M. Root" <groot@xxxxxxxxxxxxxxx>
Date: Mon, 11 Feb 2002 11:45:07 -0800
Organization: Liquid Spark, LLC
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

We all make mistakes. Go easy on Jeff, gang.

-Gary

>While running cmuImport on RaQ 3, RaQ 4, and RaQXTR the permission of
>/etc/shadow are not properly restored.   This is a HUGE 
>security problem
>since all user passwords are stored in this file.  If have run 
>CMU on your RaQ please issue the following command as root: $ 
>chmod 400 /etc/shadow
>
>The correct permissions of /etc/shadow should be:
>-r-------- 1 root root 561 Feb 11 10:35 /etc/shadow
>
>Fix for CMU security problem, as root do the following:
>$ wget ftp://ftp.cobaltnet.com/pub/users/jeffb/cmu/shadowfix.patch
>$ patch -p0 shadowfix.patch
>
>This fix will be included in next release of CMU.  This 
>blunder is a mistake on my part and I would like to apologize 
>to all CMU users for it. 
>-
>Jeff Bilicki
>Software Engineer
>Sun Cobalt Server Appliances
>Sun Microsystems, Inc. _______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx 
>http://list.cobalt.com/mailman/listinfo/cobalt->security
>
>

References:
- [cobalt-security] CMU Security problem [ /etc/shadow permissions ]
  - From: Jeff Bilcki

Prev by Date: Re: [cobalt-security] Apache running as root . . . .
Next by Date: Re: [cobalt-security] Apache running as root . . . .
Previous by thread: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]
Next by thread: Re: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index