Bugtraq mailing list archives
Re: world-readable shadow backups in SuSe 5.2
From: netmask () 303 ORG (Erik)
Date: Wed, 11 Nov 1998 12:15:20 -0600
On a slackware 3.5 machine, with no backups... changing users password.. leaves -rw------- 1 root root 560 Nov 11 09:53 shadow- chmod 600. So I would say its a suse linux problem. On Tue, 10 Nov 1998, HD Moore wrote:
<( conclusion )> Is this an isolated incident with SuSe, or is it a problem inherent to shadow? I know this isn't the first case I've seen default shadow backups being world readable (or shadow.tmp's on SunOs). Could some other package be responsible for changing permissions on these?
*---------------------* | Erik Parker | | netmask () 303 org | | IDC NetOps | *---------------------* | *--------------------------------* | http://www.303.org/ | | ICQ # 9780056 | | talk netmask () spiff idir net | *--------------------------------*
Current thread:
- Re: [Linux] klogd 1.3-22 buffer overflow, (continued)
- Re: [Linux] klogd 1.3-22 buffer overflow Michal Zalewski (Sep 12)
- Re: [Linux] klogd 1.3-22 buffer overflow security () PENGUIN NET AU (Nov 17)
- Update to Microsoft Security Bulletin (MS98-015) Aleph One (Nov 18)
- Multiple KDE security vulnerabilities (root compromise) David G. Andersen (Nov 18)
- Sun Security Bulletin #00179 Aleph One (Nov 18)
- Re: Sun Security Bulletin #00179 Jonathan A. Zdziarski (Nov 19)
- Re: WWWBoard Vulnerability Spartak Radchenko (Nov 10)
- Re: WWWBoard Vulnerability Samuel Sparling (Nov 10)
- world-readable shadow backups in SuSe 5.2 HD Moore (Nov 10)
- mSQL dummies Peter Boutzev (Nov 11)
- Re: world-readable shadow backups in SuSe 5.2 Erik (Nov 11)
- Bootpd 2.4.3 tmp race Marcelo Tosatti (Nov 12)
- Re: world-readable shadow backups in SuSe 5.2 Roman Drahtmueller (Nov 12)
- More msql... Peter Boutzev (Nov 12)
- Re: world-readable shadow backups in SuSe 5.2 Andrew Pitman (Nov 11)
- Re: world-readable shadow backups in SuSe 5.2 xnec (Nov 11)