chmod 644 /etc/shadow
Necessary to leave the archive /etc/shadow with permission 644.
chmod 644 /etc/shadow All OK. But when dumb the password of an user the permissions move automatiamente for 600! How to decide this? |
root@firewall /etc# chown root:shadow-readers shadow
root@firewall /etc# ls -la -rw-r----- 1 root shadow-readers 1262 Sep 12 13:20 shadow He is perfect thus! But when I modify the password of an user: root@firewall /etc# passwd cesar Changing password for user cesar. New password: Retype new password: passwd: all authentication tokens updated successfully. root@firewall /etc# ls -la -rw------- 1 root root 1262 Sep 12 13:42 shadow It comes back the permissions :( When I modify the password of a using return these permissions. Somebody knows as to decide this? thankz |
letting users read /etc/shadow is bad security.......
someone can hack your box and use it to send out spam/porn etc........ |
The server, necessary is very safe to make this to function one modulates PAM AUTH, of the apache.
|
chmod is 640. only for the group shadow-readers, that 1 software goes to use
|
it will be that he is bug of kernel?
Somebody can help me please |
:( :scratch: help please
|
http://pam.sourceforge.net/mod_auth_pam/shadow.html
1) root@firewall /etc# chmod 640 shadow root@firewall /etc# chown root:shadow-readers shadow root@firewall /etc# ls -la -rw-r----- 1 root shadow-readers 1262 Sep 12 13:20 shadow He is perfect thus!!! 2) root@firewall /etc# passwd cesar Changing password for user cesar. New password: Retype new password: passwd: all authentication tokens updated successfully. ############################################################### root@firewall /etc# ls -la -rw------- 1 root root 1262 Sep 12 13:42 shadow ???????????????????????????? ????? It comes back the permissions When I modify the password of a using return these permissions. Somebody knows as to decide this? |
As far as I know, /etc/shadow should be readable by no one but root. Your system may vary.
So it looks like: -rwx------ root root shadow This is the folder where the "real" passwords are kept. When Linux needs to look up something, it can magically get the access that it needs. But no one else can. You should not make the shadow directory "world-readable." Even though the passwords inside are scrambled, there is no good reason to allow anyone to even see them. |
Debtor for its reply. Friend my English is half bad, I followed passes of this site, http://pam.sourceforge.net/mod_auth_pam/.
He does not have as to make this? Everything was functioning perfectly, but when dumb the password happens this problem. You can show an example for commands, you are more easy I to understand. I promise that I go to learn fast the English. Very thankz! |
Quote:
|
I am using distro TSL.
Based in Red Hat 8. |
I know that the system is making for protection, but necessary of this, it does not have problem some...
A software only goes to use this group, nothing goes to compremeter the security. Necessary of this, to decide my problem, Before an archive (Unsafe between quotations marks) but functioning of that something safe that it does not function. |
It will be that a way does not exist to decide this?
The same software we use in the OpenBSD, and functions normally. With linux this is happening |
I tried it on my Centos 4.1 (based on RHEL4) here at work and its fine. Its not a problem with Linux but just with whatever specific distro or setup you've got.
|
All times are GMT -5. The time now is 04:47 AM. |