I've tested this on two seperate SuSE 5.2 boxes and neither have displayed
the kind of behavior you describe. I'd venture that this is a problem
exclusive to your system.
fear:/home/xnec # ls -la /etc/shadow*
-rw-r----- 1 root shadow 773 Nov 12 01:21 /etc/shadow
-rw-r----- 1 root shadow 756 Nov 12 01:21 /etc/shadow-
-rw-r----- 1 root shadow 568 Jul 14 22:59 /etc/shadow.orig
fear:/home/xnec #
-xnec
On Tue, 10 Nov 1998, HD Moore wrote:
> <( problem )>
>
> The _first_ set of shadow backups created on SuSe 5.2 are world readable.
> This includes '/etc/shadow-' and the original root pass in
> '/etc/shadow.orig'. I duplicated this on 3 different systems where I had
> just installed SuSe 5.2 with shadowed passwd support.
>
> <( fix )>
>
> The way to fix repair is to just delete all the backup copies and when they
> are re-created they have the right permissions.
>
> <( conclusion )>
>
> Is this an isolated incident with SuSe, or is it a problem inherent to
> shadow? I know this isn't the first case I've seen default shadow backups
> being world readable (or shadow.tmp's on SunOs). Could some other package
> be responsible for changing permissions on these?
>
#######################################################
# xnecat_private - xnec on DALnet and EFnet #
#######################################################
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:22:58 PDT