Re: read access on passwd file

From: Tommy Reynolds (TommyReynolds_at_yahoo.com)
Date: 05/19/05

  • Next message: Terry A Haimann: "pilot-link" 
    Date: Thu, 19 May 2005 16:55:20 -0500

    On Thu, 19 May 2005 00:30:53 +0200, Stephan Goeldi wrote:

    > RHEL 3 gives out of the box read access for any user on the file /etc/passwd
    > and /etc/shadow. I don't think that this is necessary.

    It is necessary because its the required behavior based on the UNIX
    standards.
     
    > On RHEL 4 at least the shadow file is only readable by root.

    Well, yes, that's why it's there.
     
    > What is best practice?

    Exactly as implemented.

    Cheers

  • Next message: Terry A Haimann: "pilot-link"

    Relevant Pages

    • Re: read access on passwd file
      ... standards. ... > On RHEL 4 at least the shadow file is only readable by root. ...
      (comp.os.linux.security)
    • read access on passwd file
      ... On RHEL 4 at least the shadow file is only readable by root. ... What is best practice? ...
      (linux.redhat)
    • read access on passwd file
      ... On RHEL 4 at least the shadow file is only readable by root. ... What is best practice? ...
      (comp.os.linux.security)
    • RE: Have I been hacked? Shadow file deleted
      ... Only I have the root password, that I change every time the shadow file is ... Last resort is to do a complete bare metal install again and keep root ... To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list -- ...
      (Fedora)
    • Re: root password gone AWOL!
      ... I know if you remove the "x" from the passwd file in the line ... the root account without asking for a password. ... which is responsible for the shadow file, ... AeoN wrote: ...
      (comp.os.linux.networking)