[CentOS] an actual hacked machine, in a preserved state
Leonard den Ottolander
leonard at den.ottolander.nl
Tue Jan 3 10:01:01 UTC 2012
On Tue, 2012-01-03 at 11:14 +0200, Rudi Ahlers wrote:
> How does something like c99shell allow a local user (not root) to read
> the /etc/shadow file?
I do not vouch for every app that is written to break good security
$ ls -l /etc/shadow
If the tool you are using allows normal users access to /etc/shadow it
is using some sort of root privileges, either it's a suid tool (ouch) or
it needs entries in /etc/sudoers (visudo). In either case, I cannot
think of a valid reason to allow normal users access to this file.
http://tldp.org/HOWTO/Shadow-Password-HOWTO.html for more information on
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS