Re: secure file permissions
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 08 Dec 2003 at 03:16:05AM -0500, Domonkos Czinke wrote:
> Hi,
>
> I recommend using the chattr program. You should set them immutable
> chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow. Man chattr.
Setting /etc/shadow +i would not be advisable as it renders your passwd
command useless.
Setting /etc/passwd +i renders your chsh and chfn commands useless.
Also, if someone r00ts you and they know more then someone who started
using Linux last week, they'll realize the files are +i and take the +i
bit off them.
I fail to see how this would make things any better on your system.
- --
Phillip Hofmeister
PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
- --
Excuse #148: endothermal recalibration
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/1MZRS3Jybf3L5MQRArVaAJ9xtUSJHqTFJ+F8MZYC5fhUKhqjIQCaApxn
I6ZF1hm701F7HPyW6jNjPoo=
=Nhd1
-----END PGP SIGNATURE-----
Reply to: