Re: permission of shadow file and upgrade the kernel

To: debian-user@lists.debian.org
Subject: Re: permission of shadow file and upgrade the kernel
From: Greg Folkert <greg@gregfolkert.net>
Date: Mon, 09 Apr 2007 20:40:24 -0400
Message-id: <[🔎] 1176165624.8837.5.camel@princess.gregfolkert.net>
In-reply-to: <[🔎] 461ADC31.9040803@symantec.com>
References: <[🔎] 20070409194723.48697.qmail@web53312.mail.re2.yahoo.com> <[🔎] 20070409200448.GA12885@titan> <[🔎] 461ADC31.9040803@symantec.com>

On Mon, 2007-04-09 at 17:37 -0700, Bob McGowan wrote:
[snip]
> One might wonder why it isn't just 600, if the only user needing access 
> is root?  The answer may be in the permissions and owner/group:
> 
>    -rw-r----- 1 root shadow ....
> 
> It would appear there are (or could potentially be) tools that need to 
> only read the file.  Rather than make them set uid to root, which would 
> give them rw permission, they are set gid so they have ro permission, 
> which limits the damage they could potentially do.

You are correct. Things like authentication for various services are
just one of many.
-- 
greg, greg@gregfolkert.net

Novell's Directory Services is a competitive product to Microsoft's
Active Directory in much the same way that the Saturn V is a competitive
product to those dinky little model rockets that kids light off down at
the playfield. -- Thane Walkup

Reply to:

References:
- permission of shadow file and upgrade the kernel
  - From: ann kok <annkok2001@yahoo.com>
- Re: permission of shadow file and upgrade the kernel
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: permission of shadow file and upgrade the kernel
  - From: Bob McGowan <bob_mcgowan@symantec.com>

Prev by Date: Re: permission of shadow file and upgrade the kernel
Next by Date: Re: The List Standard
Previous by thread: Re: permission of shadow file and upgrade the kernel
Next by thread: Re: permission of shadow file and upgrade the kernel
Index(es):
- Date
- Thread