Bugtraq mailing list archives
Re: world-readable shadow backups in SuSe 5.2
From: draht2 () RZLIN1 RUF UNI-FREIBURG DE (Roman Drahtmueller)
Date: Thu, 12 Nov 1998 22:40:14 +0100
On Wed, 11 Nov 1998, Erik <netmask () 303 ORG> wrote:
> [...]
> On a slackware 3.5 machine, with no backups... changing a user's password.. leaves
>   -rw-------   1 root     root          560 Nov 11 09:53 shadow-
> chmod 600. So I would say it's a SuSE Linux problem.
Not having /etc/shadow mode 640 (root.shadow) requires you to suid
root xlock and all the kde screen lockers. With SuSE, 2755
(root.shadow) on xlock and *.kss is enough. So it may _not_ be a SuSE
problem...
Remember that every time a configuration change in the system is being
done with yast (yet another setup tool, specific to SuSE),
/sbin/SuSEconfig is being run. This script launches "/usr/bin/chkstat
-set /etc/permissions" (plus /etc/permissions{.easy,.local}), where
/etc/permissions describes /etc/shadow as root.shadow, mode 640.
Whenever you change a password or add a user, /etc/shadow- is being
set to the same permissions as /etc/shadow by /usr/bin/password or
/usr/sbin/useradd. If you add users with vi, you must know what you're
doing.
Also keep in mind that yast (and therefore SuSEconfig + chkstat) are
being run at first bootup after setting the root-password. Means:
nobody except root can read /etc/shadow since root is the only user in
the system who has a password. If /etc/shadow- is 644 at this stage,
it just doesn't matter, because the next useradd will clean it up.
It's not beautiful, and it may be considered a bug, but for sure it's
not worth bothering/posting/the time.
rgds,
Roman.
 ______________________________________________________________________
| Roman Drahtmüller                 "The whole world is about three    |
| CC University of Freiburg          drinks behind."                   |
| email: draht () uni-freiburg de    (Humphrey Bogart)                 |
 ----------------------------------------------------------------------
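The two checks Roman describes, a chkstat-style "compare files against a permissions table and optionally set them" pass and the rule that /etc/shadow- must never be more permissive than /etc/shadow, as an added example in POSIX sh. This is not code from the thread, from SuSE's chkstat or from yast; the table syntax (`path owner group mode`) is an assumption made for the example and is not the real /etc/permissions format, and it relies on GNU `stat -c`. The demo runs on a temporary directory and builds its table from the files' current owner so it works unprivileged; running it against /etc would need root.

```sh
#!/bin/sh
# Added example: a small chkstat-style permissions check (not SuSE's tool).
# Table format is an assumption made for this example, not the real
# /etc/permissions syntax: one entry per line,
#     <path> <owner> <group> <octal mode>
# Blank lines and lines starting with '#' are ignored. Needs GNU stat (-c).

# Normalise an octal mode string ("640", "0640", "2755") to one canonical
# form so table values and stat output compare as equals.
norm_mode() {
    printf '%o' "0$1"
}

# check_perms TABLE [set]
# Prints one line per file that deviates from the table. With a second
# argument of "set" it also repairs the mode (and owner/group, which only
# succeeds as root), the way "chkstat -set" does. Returns the number of
# deviations found before any repair, capped at 255.
check_perms() {
    table=$1
    fix=${2:-}
    bad=0
    while read -r path owner group mode; do
        case $path in ''|'#'*) continue ;; esac
        if [ ! -e "$path" ]; then
            echo "$path: missing"
            bad=$((bad + 1))
            continue
        fi
        want=$(norm_mode "$mode")
        # stat prints "owner group mode"; split it into $1 $2 $3
        set -- $(stat -c '%U %G %a' "$path")
        have=$(norm_mode "$3")
        if [ "$1:$2" != "$owner:$group" ] || [ "$have" != "$want" ]; then
            echo "$path: expected $owner:$group $want, got $1:$2 $have"
            bad=$((bad + 1))
            if [ "$fix" = set ]; then
                [ "$have" = "$want" ] || chmod "$want" "$path"
                [ "$1:$2" = "$owner:$group" ] || chown "$owner:$group" "$path"
            fi
        fi
    done < "$table"
    return $((bad > 255 ? 255 : bad))
}

# backup_leaks FILE BACKUP
# Succeeds (exit 0) when BACKUP grants no permission bit that FILE does
# not, fails (exit 1) otherwise: the shadow / shadow- condition from the
# thread. The bitwise test catches 644 vs 640 as well as a stray o+x.
backup_leaks() {
    orig=$(printf '%d' "0$(stat -c '%a' "$1")")
    bak=$(printf '%d' "0$(stat -c '%a' "$2")")
    [ $(( bak & ~orig )) -eq 0 ]
}

# Stand-alone demonstration on a constructed directory, never on /etc:
#     sh check_perms.sh demo
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d)
    : > "$d/shadow";  chmod 640 "$d/shadow"     # the original, root.shadow-style 640
    : > "$d/shadow-"; chmod 644 "$d/shadow-"    # the backup, left world-readable
    # table built from the current owner so the demo runs unprivileged
    stat -c '%n %U %G 0640' "$d/shadow" "$d/shadow-" > "$d/table"
    backup_leaks "$d/shadow" "$d/shadow-" || echo "backup is more permissive than original"
    check_perms "$d/table" set || echo "$? deviation(s) repaired"
    backup_leaks "$d/shadow" "$d/shadow-" && echo "backup OK after repair"
    rm -rf "$d"
fi
```

On a real system the table would carry `/etc/shadow root shadow 0640` and `/etc/shadow- root shadow 0640`, and `check_perms` would be run as root from a boot or post-install hook, which is the role SuSEconfig plays in the post.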
