A question

Ed Christiansen MS edwardc at ll.mit.edu
Mon Sep 24 18:40:13 UTC 2018


If you expect to pass any kind of security audit, the perms on 
/etc/shadow must be 0600.  Since it contains the actual password hashes, 
no one can read it except root, to prevent bad puppies from getting the 
hashes so they can reverse the hash by brute force on some other host.

On 9/24/2018 3:50 AM, Frank Thommen wrote:
> All systems I know disallow reading of /etc/shadow for others or even 
> group (for good reasons).  Hence sudo would be required.
> 
> frank
> 
> 
> On 09/24/2018 06:35 AM, William Roberts wrote:
>> Sorry for the HTML...
>>
>> This seems off topic. This is a list for questions surrounding the Linux 
>> audit subsystem.
>>
>> That file is usually user=root group=root mode=0644. I.e., read-only for 
>> all, writeable for user root. No sudoers entry needed for read access.
>>
>> On Sun, Sep 23, 2018, 21:30 khalid fahad <kfgm2001 at gmail.com> wrote:
>>
>>     Hi,
>>     What is the sudoers entry created to allow localuser to cat
>>     /etc/shadow?
>>     Thanks
>>
>>     --
>>     Linux-audit mailing list
>>     Linux-audit at redhat.com
>>     https://www.redhat.com/mailman/listinfo/linux-audit
> 
> -- 
> Linux-audit mailing list
> Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
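
The permission requirement stated at the top of this message can be checked mechanically. The following is an added example, not part of the original thread: the function name `check_shadow_perms` and its optional expected-uid argument are hypothetical, and it assumes GNU `stat`.

```shell
#!/bin/sh
# Added example (not from the thread): audit a shadow-style file against the
# 0600 ceiling named in the message above. Names here are hypothetical.
#
# check_shadow_perms FILE [EXPECTED_UID]
#   returns 0  regular file, owned by EXPECTED_UID (default 0 = root),
#              and no mode bits set outside 0600
#   returns 1  owner or mode finding
#   returns 2  FILE is a symlink, missing, or cannot be stat'ed
check_shadow_perms() {
    file=$1
    want_uid=${2:-0}

    # A symlink could point the check at a different file than the one
    # the login stack actually reads, so treat it as a failure.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL $file: not a regular file" >&2
        return 2
    fi

    # GNU stat: %a = octal mode, %u = numeric owner uid
    mode=$(stat -c '%a' "$file") || return 2
    uid=$(stat -c '%u' "$file") || return 2

    rc=0
    if [ "$uid" -ne "$want_uid" ]; then
        echo "FAIL $file: owner uid $uid, expected $want_uid" >&2
        rc=1
    fi

    # Any bit outside owner read/write (group, other, execute, setuid,
    # setgid, sticky) is a finding; stricter modes such as 0400 pass.
    if [ $(( 0$mode & ~0600 & 07777 )) -ne 0 ]; then
        echo "FAIL $file: mode $mode exceeds 0600" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK   $file: uid $uid mode $mode"
    return "$rc"
}

# Typical use on a live host:  check_shadow_perms /etc/shadow
```

Systems that ship the file group-readable for a dedicated group (for example mode 0640) are reported as findings, because the check enforces the 0600 ceiling given in the message.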
