This doesn't look very good, does it?

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
User avatar
Heavy
Forum Contributor
Posts: 478
Joined: Sun Sep 22, 2002 7:36 am
Location: Viksjöfors, Hälsingland, Sweden
Contact:

This doesn't look very good, does it?

Post by Heavy »

Code: Select all

-rw-r--r--    1 root     root         1142 Feb 19 13:21 passwd
I changed it to

Code: Select all

-rw-r-----    1 root     root         1142 Feb 19 13:21 passwd
And can still login via ssh. Is it safe to reboot the machine with these new permission settings on /etc/passwd ?

PS. This is the default setting in my system: Debian 3.0 r1 :?
User avatar
Stoker
Forum Regular
Posts: 782
Joined: Thu Jan 23, 2003 9:45 pm
Location: SWNY
Contact:

Post by Stoker »

/etc/passwd needs to be system readable by anyone in most cases, as things like the users default shell is stored there, I would change it back to 644

If you are worried about password hackers, use shadow-passwords, most systems do by default, those secrets are stored in /etc/shadow and should not be world readable..
Post Reply