Page 1 of 1
This doesn't look very good, does it?
Posted: Wed Feb 19, 2003 9:33 am
by Heavy
Code: Select all
-rw-r--r-- 1 root root 1142 Feb 19 13:21 passwd
I changed it to
Code: Select all
-rw-r----- 1 root root 1142 Feb 19 13:21 passwd
And can still login via ssh. Is it safe to reboot the machine with these new permission settings on /etc/passwd ?
PS. This is the default setting in my system: Debian 3.0 r1

Posted: Wed Feb 19, 2003 9:45 am
by Stoker
/etc/passwd needs to be system readable by anyone in most cases, as things like the users default shell is stored there, I would change it back to 644
If you are worried about password hackers, use shadow-passwords, most systems do by default, those secrets are stored in /etc/shadow and should not be world readable..