Bugtraq mailing list archives
Re: world-readable shadow backups in SuSe 5.2
From: draht2 () RZLIN1 RUF UNI-FREIBURG DE (Roman Drahtmueller)
Date: Thu, 12 Nov 1998 22:40:14 +0100
On Wed, 11 Nov 1998, Erik <netmask () 303 ORG> wrote: [...]
On a slackware 3.5 machine, with no backups... changing users password.. leaves

-rw------- 1 root root 560 Nov 11 09:53 shadow-

chmod 600. So I would say its a suse linux problem.
Not having /etc/shadow mode 640 (root.shadow) requires you to suid root xlock and all the kde screen lockers. With SuSE, 2755 (root.shadow) on xlock and *.kss is enough. So it may _not_ be a SuSE problem...

Remember that every time a configuration change in the system is being done with yast (yet another setup tool, specific to SuSE), /sbin/SuSEconfig is being run. This script launches "/usr/bin/chkstat -set /etc/permissions" (plus /etc/permissions{.easy,.local}), where /etc/permissions describes /etc/shadow as root.shadow, mode 640.

Whenever you change a password or add a user, /etc/shadow- is being set to the same permissions as /etc/shadow by /usr/bin/password or /usr/sbin/useradd. If you add users with vi, you must know what you're doing.

Also keep in mind that yast (and therefore SuSEconfig + chkstat) are being run at first bootup after setting the root-password. Means: nobody except root can read /etc/shadow since root is the only user in the system who has a password. If /etc/shadow- is 644 at this stage, it just doesn't matter, because the next useradd will clean it up.

It's not beautiful, and it may be considered a bug, but for sure it's not worth bothering/posting/the time.

rgds,
Roman.

--
Roman Drahtmüller                    "The whole world is about three
CC University of Freiburg             drinks behind."
email: draht () uni-freiburg de       (Humphrey Bogart)
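The check described in the thread (is /etc/shadow- as tightly permissioned as /etc/shadow, and if not, bring it in line the way passwd/useradd do) as a small POSIX shell audit script. This is an added example, not code from the thread, from SuSE, or from chkstat; it takes the two file paths as parameters and, when run as-is, exercises a constructed copy in a temporary directory rather than the real /etc/shadow. It assumes GNU stat (stat -c '%a').

```shell
#!/bin/sh
# Added example (not from the original thread): audit a shadow file and its
# backup, report any that are readable by "other", and copy the primary
# file's mode onto the backup. Paths are arguments so the functions can be
# run against test copies; call them with /etc/shadow /etc/shadow- as root
# to audit a real system.

# mode_ok FILE -> 0 if the mode has no "other" bits and at most group-read,
# i.e. 600 or 640, the modes the thread treats as acceptable for shadow.
mode_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    # keep the last three digits (drops a leading setuid/setgid/sticky digit)
    mode=$(printf '%s' "$mode" | sed 's/^.*\([0-7][0-7][0-7]\)$/\1/')
    grp=$(printf '%s' "$mode" | cut -c2)
    oth=$(printf '%s' "$mode" | cut -c3)
    [ "$oth" = "0" ] || return 1
    case "$grp" in 0|4) return 0 ;; *) return 1 ;; esac
}

# audit_shadow SHADOW BACKUP -> one report line per existing file; returns
# the number of files that fail mode_ok (0 means both are clean).
audit_shadow() {
    bad=0
    for f in "$1" "$2"; do
        [ -e "$f" ] || continue      # no backup yet is not a finding
        if mode_ok "$f"; then
            echo "OK   $(stat -c '%a %U.%G' "$f") $f"
        else
            echo "WARN $(stat -c '%a %U.%G' "$f") $f is readable beyond owner/group"
            bad=$((bad + 1))
        fi
    done
    return $bad
}

# sync_backup SHADOW BACKUP -> give the backup the primary file's mode,
# which is what the post says passwd/useradd do on SuSE after each change.
sync_backup() {
    [ -e "$2" ] || return 0
    chmod "$(stat -c '%a' "$1")" "$2"
}

# demo: constructed stand-ins for /etc/shadow and /etc/shadow- in a temp dir,
# reproducing the world-readable backup from the original report.
demo() {
    d=$(mktemp -d)
    printf 'root:$6$constructed$notarealhash:10541:0:99999:7:::\n' > "$d/shadow"
    cp "$d/shadow" "$d/shadow-"
    chmod 640 "$d/shadow"
    chmod 644 "$d/shadow-"
    echo "before:"; audit_shadow "$d/shadow" "$d/shadow-" || true
    sync_backup "$d/shadow" "$d/shadow-"
    echo "after:";  audit_shadow "$d/shadow" "$d/shadow-"
    rm -rf "$d"
    return 0
}

demo
```

The owner and group are reported but not enforced, since making the backup root.shadow needs root; on a real system the audit line is enough to show whether the "next useradd will clean it up" claim has held, and sync_backup closes the window before that.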
Current thread:
- Update to Microsoft Security Bulletin (MS98-015), (continued)
- Update to Microsoft Security Bulletin (MS98-015) Aleph One (Nov 18)
- Multiple KDE security vulnerabilities (root compromise) David G. Andersen (Nov 18)
- Sun Security Bulletin #00179 Aleph One (Nov 18)
- Re: Sun Security Bulletin #00179 Jonathan A. Zdziarski (Nov 19)
- Re: WWWBoard Vulnerability Spartak Radchenko (Nov 10)
- Re: WWWBoard Vulnerability Samuel Sparling (Nov 10)
- world-readable shadow backups in SuSe 5.2 HD Moore (Nov 10)
- mSQL dummies Peter Boutzev (Nov 11)
- Re: world-readable shadow backups in SuSe 5.2 Erik (Nov 11)
- Bootpd 2.4.3 tmp race Marcelo Tosatti (Nov 12)
- Re: world-readable shadow backups in SuSe 5.2 Roman Drahtmueller (Nov 12)
- More msql... Peter Boutzev (Nov 12)
- Re: world-readable shadow backups in SuSe 5.2 Andrew Pitman (Nov 11)
- Re: world-readable shadow backups in SuSe 5.2 xnec (Nov 11)