If you expect to pass any kind of security audit, the perms on /etc/shadow must be 0600. Since it contains the actual password hashes, no one can read it except root, to prevent bad puppies from getting the hashes so they can reverse the hash by brute force on some other host.

On 9/24/2018 3:50 AM, Frank Thommen wrote:
All systems I know disallow reading of /etc/shadow for others or even group (for good reasons).  Hence sudo would be required.

frank


On 09/24/2018 06:35 AM, William Roberts wrote:
Sorry for the HTML...

This seems off topic. This is a list for questions surrounding the linux audit subsystem.

That file is usually user=root group=root mode=0644. I.e., read-only for all, writable for user root. No sudoers entry needed for read access.

On Sun, Sep 23, 2018, 21:30 khalid fahad <[email protected]> wrote:

    Hi,
    What is the sudoers entry created to allow localuser to cat
    /etc/shadow?
    Thanks

    --
    Linux-audit mailing list
    [email protected] <mailto:[email protected]>
    https://www.redhat.com/mailman/listinfo/linux-audit
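
The permission check described in the reply at the top of this thread (owner root, nothing beyond 0600), as an added shell example that is not part of any message in the thread. The function name `check_shadow_perms` and its optional owner argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit check for a shadow-style file.
# Usage: check_shadow_perms FILE [OWNER]      e.g. check_shadow_perms /etc/shadow
#   returns 0 if FILE is owned by OWNER (default: root) and its mode grants
#   nothing beyond owner read/write (0600 or stricter);
#   returns 1 on a finding, 2 if FILE cannot be examined.
check_shadow_perms() {
    file=$1
    want_owner=${2:-root}

    # stat -c (GNU coreutils / busybox): %a = octal mode, %U = owner name.
    info=$(stat -c '%a %U' -- "$file" 2>/dev/null) || {
        echo "ERROR: cannot stat $file" >&2
        return 2
    }
    mode=${info%% *}
    owner=${info#* }

    rc=0
    # Any bit outside 0600 is a finding: group or other access,
    # execute bits, setuid/setgid/sticky.
    if [ $(( 0$mode & 07177 )) -ne 0 ]; then
        echo "FAIL: $file mode is $mode, expected 0600 or stricter"
        rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: $file owner is $owner, expected $want_owner"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $file mode $mode owner $owner"
    fi
    return "$rc"
}
```

Reading the mode with `stat` needs no access to the file's contents, so the check itself can run without sudo.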


