[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]
- Subject: Re: [cobalt-security] CMU Security problem [ /etc/shadow permissions ]
- From: Jeff Bilicki <jeff@xxxxxxxxxxx>
- Date: Wed, 13 Feb 2002 11:06:30 -0800
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
The patch command should be:
$ patch -p0 < shadowfix.patch
Jeff-
> While running cmuImport on RaQ 3, RaQ 4, and RaQXTR the permission of
> /etc/shadow are not properly restored. This is a HUGE security problem
> since all user passwords are stored in this file. If have run CMU on
> your RaQ please issue the following command as root:
> $ chmod 400 /etc/shadow
> The correct permissions of /etc/shadow should be:
> -r-------- 1 root root 561 Feb 11 10:35 /etc/shadow
> Fix for CMU security problem, as root do the following:
> $ wget ftp://ftp.cobaltnet.com/pub/users/jeffb/cmu/shadowfix.patch
> $ patch -p0 shadowfix.patch
> This fix will be included in next release of CMU. This blunder is a
> mistake on my part and I would like to apologize to all CMU users for
> it.
> -
> Jeff Bilicki
> Software Engineer
> Sun Cobalt Server Appliances
> Sun Microsystems, Inc.
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security