[CentOS] Another Fedora decision
Kahlil Hodgson
kahlil.hodgson at dealmax.com.auThu Feb 5 23:50:30 UTC 2015
- Previous message: [CentOS] Another Fedora decision
- Next message: [CentOS] Another Fedora decision
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 6 February 2015 at 10:23, Always Learning <centos at u64.u22.net> wrote: > Logically ? > > 1. to change the permissions on shadow from -rw-x------ or from > ---------- to -rw-r--r-- requires root permissions ? > > 2. if so, then what is the advantage of changing those permissions when > the entity possessing root authority can already read shadow - that > entity requires neither group nor user permissions to read shadow. The concept in play here is privilege escalation. An exploit may not give you all that root can do, but may be limited to, say, tricking the system to change file permission. >From there an attacker could use that and other exploits to escalate privileges. K
- Previous message: [CentOS] Another Fedora decision
- Next message: [CentOS] Another Fedora decision
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list