Re: Isn't it a security hole...

To: Jerzy Kakol <kakol@angband.microb.uni.wroc.pl>
Cc: debian-user@lists.debian.org
Subject: Re: Isn't it a security hole...
From: Matthew Bailey <mbailey@cps.cmich.edu>
Date: Wed, 14 Aug 1996 12:39:26 -0400 (EDT)
Message-id: <[🔎] Pine.SUN.3.94.960814123741.1257A-100000@cps200.cps.cmich.edu>
In-reply-to: <[🔎] Pine.LNX.3.91.960814165502.2035B-100000@angband.microb.uni.wroc.pl>

On Wed, 14 Aug 1996, Jerzy Kakol wrote:

> 
> ...the attribute readable for others in case of the file /etc/passwd?
> 
> Recently my debian system was cracked by several pirates. They have 
> account name and the password widely broadcasted on an IRC channel. The 
> only way, as I guess, they grabed root's privilages was free access to 
> /etc/passwd.
> Is there a free and debianized shadow-password package?
> 

One of the first things to remember is to use an Alpha numeric and special
character password for root that usually fixes 99.99% of all hackers from
gaining root access. We use NIS and our users are able to read the password
entries for everyone however we tell users this and tell them how to create a
secure password. :)

Matt

Sorry to be sarcastic but I can be that way at times :)

Reply to:

References:
- Isn't it a security hole...
  - From: Jerzy Kakol <kakol@angband.microb.uni.wroc.pl>

Prev by Date: Re: "Error in archive format" for boot1440_2.0.5-1.bin
Next by Date: RE: SCSI and EIDE
Previous by thread: Re: Isn't it a security hole...
Next by thread: Re: Isn't it a security hole...
Index(es):
- Date
- Thread