On Thu, Feb 5, 2015 at 9:59 AM, Always Learning centos@u64.u22.net wrote:
Foolish and stupid implicit trust in a third party. Just look at the Windoze world ever since Win95 (first edition of many) materialised. Trust M$ and get a free virus every time !
I wouldn't go there unless you want to compare against, say Red Hat 4 (original, not RHEL) of the same era where virtually every service had remote exploits - and we are still finding them. Or unless you have some sort of proof that a current Windows 2012 server is less secure or stable than a Linux distro.
In addition to my Centos Leaning mailing list suggestion, I would like to see a free web based Centos security questionnaire to ask users security related questions and then present a rating based upon their correct answers. Red Hat people and Fedora people too lurk on here, yet there is a reluctance (probably commercially inspired) not to fully respond to the challenges threatening all of us 'today'.
Let's start with why your /etc/shadow has read access. That's one of the things that was right out of the box. What changed it and why?