On Fri, 2015-02-06 at 10:50 +1100, Kahlil Hodgson wrote: > On 6 February 2015 at 10:23, Always Learning <centos at u64.u22.net> wrote: > > Logically ? > > > > 1. to change the permissions on shadow from -rw-x------ or from > > ---------- to -rw-r--r-- requires root permissions ? > > > > 2. if so, then what is the advantage of changing those permissions when > > the entity possessing root authority can already read shadow - that > > entity requires neither group nor user permissions to read shadow. > > The concept in play here is privilege escalation. > > An exploit may not give you all that root can do, but may be limited > to, say, tricking the system to change file permission. > From there an attacker could use that and other exploits to escalate privileges. How could file permission modification of /etc/shadow be used to "escalate privileges" ? Thanks. -- Regards, Paul. England, EU. Je suis Charlie.