/etc/passwd permissions
john.urban
urban at cbnewsl.att.com
Fri May 17 02:31:07 AEST 1991
In article <1991May15.214600.6733 at oneb.wimsey.bc.ca> kmcvay at oneb.wimsey.bc.ca (Ken McVay) writes:
>With /etc/passwd readable by everyone, it can be send uucp by anyone
>with a shell account. Granted, encryption provides some protection, but
>would it hurt anything to simply set the perms to r--r----- root root?
>
>/bin/passwd runs suid root, as does su - while 'l' and similar utilities
>do not, and show only the owner's userid #, rather than the owner's name.
>
This is why some systems instituded a /etc/passwd and /etc/shadow scheme.
/etc/passwd is just like it always was except that the passowrd field now
has an x in it. /etc/shadow (ls -l -> -r-------- root sys) contains the
name followed by the encrypted password (plus other stuff) (like /etc/passwd
use to).
Many commands look at /etc/passwd (like the l, ls, uucico, id, ps, crash and
others), so by making /etc/passwd -r--r----- root/root many of these applications
may start breaking.
Sincerely,
John Ben Urban
More information about the Comp.unix.xenix.sco
mailing list