Re: [CentOS] an actual hacked machine, in a preserved state

3 Jan 2012


      Hello Rudi,
On Tue, 2012-01-03 at 11:14 +0200, Rudi Ahlers wrote:
...
How does something like c99shell allow a local user (not root) to read
the /etc/shadow file?
I do not vouch for every app that is written to break good security
practices. Try
$ ls -l /etc/shadow
If the tool you are using allows normal users access to /etc/shadow it
is using some sort of root privileges, either it's a suid tool (ouch) or
it needs entries in /etc/sudoers (visudo). In either case, I cannot
think of a valid reason to allow normal users access to this file.
http://tldp.org/HOWTO/Shadow-Password-HOWTO.html for more information on
shadow passwords.
Regards,
Leonard.
-- 
mount -t life -o ro /dev/dna /genetic/research

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] an actual hacked machine, in a preserved state