RE: secure file permissions
Hi,
I recommend using the chattr program. You should set them immutable
chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow. Man chattr.
Domonkos Czinke
-----Original Message-----
From: Lupe Christoph [mailto:lupe@lupe-christoph.de]
Sent: Sunday, December 07, 2003 9:56 AM
To: mi
Cc: debian-security@lists.debian.org
Subject: Re: secure file permissions
On Sunday, 2003-12-07 at 09:27:04 +0100, mi wrote:
> Can you tell me what are the default permissions for /etc/group and
> /etc/passwd ?
> I restricted them to rw for root only, but some things like exim (and
> possibly dpkg ?) seem to need read access there too.
> What's recommendet ?
You want to change them, so I guess you should know why.
BTW, try running ls as a user when /etc/group and /etc/passwd are 600.
Lupe Christoph
--
| lupe@lupe-christoph.de | http://www.lupe-christoph.de/
|
| "Violence is the resort of the violent" Lu Tze
|
| "Thief of Time", Terry Pratchett
|
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: