[CentOS] Another Fedora decision
Les Mikesell
lesmikesell at gmail.comThu Feb 5 22:29:47 UTC 2015
- Previous message: [CentOS] Another Fedora decision
- Next message: [CentOS] Another Fedora decision
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Feb 5, 2015 at 4:19 PM, Keith Keller <kkeller at wombat.san-francisco.ca.us> wrote: >> On C5 the default appears to be:- >> >> -rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow > > It is much more likely that someone has screwed up your system. I think > even CentOS 4 had shadow as 400. And what on earth would the point be > in having a world-readable shadow file?!? The whole point of having a > shadow file is to keep password hashes out of /etc/passwd so that people > can't read it. It would be nonsensical to then make the shadow file > readable. Yes, /etc/shadow would have always been readable only by root by default. The interesting question here is whether an intruder did it, clumsily leaving evidence behind, or whether it is just a local change from following some bad advice about things that need to be changed - or running some script to make those changes. The latter seems more likely to me. -- Les Mikesell lesmikesell at gmail.com
- Previous message: [CentOS] Another Fedora decision
- Next message: [CentOS] Another Fedora decision
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list