How secure is UNIX?
Ray Shwake
shwake at raysnec.UUCP
Wed Jun 13 01:39:32 AEST 1990
In article <1557 at quando.UUCP> omerzu at quando.UUCP (Thomas Omerzu) writes:
>
>but have you ever tried to remove public read permissions
>from /etc/passwd?
>Very funny results, not the simplest 'ls -l' will work ...
I recently structured permissions on one password file such that one
group - let's call them outsider - can't access /etc/passwd, but others
can. Simply assign GROUP ownership of /etc/password to the outsider
group and take away their read permission. viz.
-rw----r-- 1 bin outsider 1041 May 02 16:26 /etc/passwd
BTW, many new UNIX implementations post-3.2 support password shadowing,
such that the encrypted passwords are NOT publicly accessible.
More information about the Comp.unix.questions
mailing list