[8516] in bugtraq
Re: world-readable shadow backups in SuSe 5.2
daemon@ATHENA.MIT.EDU (xnec)
Thu Nov 12 15:11:21 1998
Date: Wed, 11 Nov 1998 21:25:59 +0000
Reply-To: xnec <xnec@WINTERMUTE.LINUX.TC>
From: xnec <xnec@WINTERMUTE.LINUX.TC>
X-To: HD Moore <hdmoore@USA.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <000c01be0cd0$24d014a0$0100a8c0@entropy>
I've tested this on two seperate SuSE 5.2 boxes and neither have displayed
the kind of behavior you describe. I'd venture that this is a problem
exclusive to your system.
fear:/home/xnec # ls -la /etc/shadow*
-rw-r----- 1 root shadow 773 Nov 12 01:21 /etc/shadow
-rw-r----- 1 root shadow 756 Nov 12 01:21 /etc/shadow-
-rw-r----- 1 root shadow 568 Jul 14 22:59 /etc/shadow.orig
fear:/home/xnec #
-xnec
On Tue, 10 Nov 1998, HD Moore wrote:
> <( problem )>
>
> The _first_ set of shadow backups created on SuSe 5.2 are world readable.
> This includes '/etc/shadow-' and the original root pass in
> '/etc/shadow.orig'. I duplicated this on 3 different systems where I had
> just installed SuSe 5.2 with shadowed passwd support.
>
> <( fix )>
>
> The way to fix repair is to just delete all the backup copies and when they
> are re-created they have the right permissions.
>
> <( conclusion )>
>
> Is this an isolated incident with SuSe, or is it a problem inherent to
> shadow? I know this isn't the first case I've seen default shadow backups
> being world readable (or shadow.tmp's on SunOs). Could some other package
> be responsible for changing permissions on these?
>
#######################################################
# xnec@wintermute.linux.tc - xnec on DALnet and EFnet #
#######################################################
