Re: world-readable shadow backups in SuSe 5.2

[xnec () WINTERMUTE LINUX TC (xnec)]

I've tested this on two seperate SuSE 5.2 boxes and neither have displayed
the kind of behavior you describe.  I'd venture that this is a problem
exclusive to your system.

fear:/home/xnec # ls -la /etc/shadow*
-rw-r-----   1 root     shadow        773 Nov 12 01:21 /etc/shadow
-rw-r-----   1 root     shadow        756 Nov 12 01:21 /etc/shadow-
-rw-r-----   1 root     shadow        568 Jul 14 22:59 /etc/shadow.orig
fear:/home/xnec #

             -xnec


On Tue, 10 Nov 1998, HD Moore wrote:

> <( problem )>
>
> The _first_ set of shadow backups created on SuSe 5.2 are world readable.
> This includes '/etc/shadow-' and the original root pass in
> '/etc/shadow.orig'.  I duplicated this on 3 different systems where I had
> just installed SuSe 5.2 with shadowed passwd support.
>
> <( fix )>
>
> The way to fix repair is to just delete all the backup copies and when they
> are re-created they have the right permissions.
>
> <( conclusion )>
>
> Is this an isolated incident with SuSe, or is it a problem inherent to
> shadow?  I know this isn't the first case I've seen default shadow backups
> being world readable (or shadow.tmp's on SunOs).  Could some other package
> be responsible for changing permissions on these?

#######################################################
# xnec () wintermute linux tc - xnec on DALnet and EFnet #
#######################################################