On 02/06/2015 12:50 AM, Kahlil Hodgson wrote: > On 6 February 2015 at 10:23, Always Learning <centos at u64.u22.net> wrote: >> Logically ? >> >> 1. to change the permissions on shadow from -rw-x------ or from >> ---------- to -rw-r--r-- requires root permissions ? >> >> 2. if so, then what is the advantage of changing those permissions when >> the entity possessing root authority can already read shadow - that >> entity requires neither group nor user permissions to read shadow. > > The concept in play here is privilege escalation. > > An exploit may not give you all that root can do, but may be limited > to, say, tricking the system to change file permission. > From there an attacker could use that and other exploits to escalate privileges. come on guys, If a cracker changed the perms to 644 he's probably sensible enough to change it back to 000 after grabbing a copy... this is most likely a BCAK error, let it rest please.