RE: FW: [cobalt-security] Local Root exploit
- Subject: RE: FW: [cobalt-security] Local Root exploit
 
- From: "Steven Young" <steven.young@xxxxxxxxxxxxxxx>
 
- Date: Mon, 23 Sep 2002 21:04:21 +0100
 
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
 
> > Example from an OS restored box with improper permissions:
> > 
> >  ls -la /etc/passwd /etc/shadow
> > -rw-r--r--   1 root     root         9839 Sep 18 23:55 /etc/passwd
> > -rw-rw-r--   1 root     root         6487 Sep 18 23:55 /etc/shadow
> > 
> > Proper permissions:
> > 
> >  ls -la /etc/passwd /etc/shadow
> > -rw-------   1 root     root         9839 Sep 18 23:55 /etc/passwd
> > -rw-------   1 root     root         6487 Sep 18 23:55 /etc/shadow
> 
> Not exactly right.  /etc/passwd *should* be world readable.  
> The point of separation of /etc/passwd and /etc/shadow back 
> in ca. 1990 was to protect password hashes while still 
> letting non-privileged processes use getpw*() family of 
> functions.  Those have lots of legitimate uses.

Ummm, errrr, so what's going on with my /etc/shadow? Surely I should
have root write permission for this file?

[mycmdprompt]# ls -la /etc/passwd /etc/shadow
-rw-r--r--   1 root     root         2450 Sep  4 15:34 /etc/passwd
-r--------   1 root     root         1539 Sep  4 15:34 /etc/shadow
~
Steven
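
An added example, not part of the original post: a small POSIX shell audit that applies the rule discussed in this thread (passwd world-readable, shadow closed to everyone but root) to `ls -l` lines. The function names and the pass/fail policy are assumptions of this example, and the sample input is constructed from the listings quoted above.

```shell
# Policy assumed by this example, following the thread:
#   /etc/passwd: world-readable, writable by its owner only
#   /etc/shadow: nothing for "other", no group write; 0400 and 0600 both
#                pass because root is not restricted by the mode bits

# Convert an ls mode string such as -rw-r--r-- to three octal digits.
mode_to_octal() {
    perms=${1#?}                     # drop the file-type character
    out=""
    for i in 1 2 3; do
        triad=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        n=0
        case $triad in r??) n=$((n + 4)) ;; esac
        case $triad in ?w?) n=$((n + 2)) ;; esac
        case $triad in ??[xst]) n=$((n + 1)) ;; esac
        out="$out$n"
    done
    printf '%s\n' "$out"
}

# Print a verdict for one path and its mode string (only the two files
# named in the policy are judged; other paths produce no output).
check_entry() {
    path=$1
    oct=$(mode_to_octal "$2")
    group=$(printf '%s' "$oct" | cut -c2)
    other=$(printf '%s' "$oct" | cut -c3)
    case $path in
    /etc/shadow)
        if [ "$other" -ne 0 ]; then echo "FAIL $path $oct: accessible to all users"
        elif [ $((group & 2)) -ne 0 ]; then echo "FAIL $path $oct: group-writable"
        else echo "OK $path $oct"; fi ;;
    /etc/passwd)
        if [ $((group & 2)) -ne 0 ] || [ $((other & 2)) -ne 0 ]; then
            echo "FAIL $path $oct: writable by non-owner"
        elif [ $((other & 4)) -eq 0 ]; then echo "WARN $path $oct: not world-readable"
        else echo "OK $path $oct"; fi ;;
    esac
}

# Read ls -l lines on stdin and judge each one.
audit_listing() {
    while read -r mode links owner grp size mon day time path; do
        if [ -n "$path" ]; then check_entry "$path" "$mode"; fi
    done
}
# Constructed input: listings quoted in the thread.
audit_listing <<'EOF'
-rw-rw-r--   1 root     root         6487 Sep 18 23:55 /etc/shadow
-rw-r--r--   1 root     root         2450 Sep  4 15:34 /etc/passwd
-r--------   1 root     root         1539 Sep  4 15:34 /etc/shadow
EOF
```

On a live system, pipe `ls -l /etc/passwd /etc/shadow` into `audit_listing` instead of the here-document.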