On Mon, Sep 24, 2018 at 11:40 AM Ed Christiansen MS <[email protected]> wrote:
> If you expect to pass any kind of security audit, the perms on
> /etc/shadow must be 0600. Since it contains the actual password hashes
> no one can read it except root to prevent bad puppies from getting the
> hashes so they can reverse the hash by brute force on some other host.
>

Before everyone gathers the villagers, pitchforks and torches, I made a mistake. I crossed passwd with shadow in my response. With that said, I was going to let it die with Frank's response, but I can see folks will keep at it.

Just let it die. It's an off-topic question related to how Linux permissions work, not to the audit subsystem.

>
> On 9/24/2018 3:50 AM, Frank Thommen wrote:
> > All systems I know disallow reading of /etc/shadow for others or even
> > group (for good reasons). Hence sudo would be required.
> >
> > frank
> >
> >
> > On 09/24/2018 06:35 AM, William Roberts wrote:
> >> Sorry for the HTML...
> >>
> >> This seems off topic. This is a list for questions surrounding the Linux
> >> audit subsystem.
> >>
> >> That file is usually user=root group=root mode=0644. I.e. read only for
> >> all, writeable for user root. No sudoers entry needed for read access.
> >>
> >> On Sun, Sep 23, 2018, 21:30 khalid fahad <[email protected]> wrote:
> >>
> >> Hi,
> >> What is the sudoers entry created to allow localuser to cat
> >> /etc/shadow?
> >> Thanks
> >>
> >> --
> >> Linux-audit mailing list
> >> [email protected]
> >> https://www.redhat.com/mailman/listinfo/linux-audit
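An added example, not part of the thread: a shell check that a file's permission bits stay within a ceiling, using the modes quoted above (0644 for /etc/passwd, 0600 for /etc/shadow) as parameters. The function names `mode_within` and `audit_file` are made up for this sketch, and GNU `stat` is assumed. A bitmask is used instead of string equality so that a stricter mode such as 0400 or 0000 still passes.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat (-c format option).

# mode_within FILE CEILING
# Returns 0 if FILE grants no permission bit outside CEILING (octal),
# 1 if it grants more, 2 if FILE cannot be stat'ed.
mode_within() {
    mw_mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
    # Bits present in the file mode but absent from the ceiling are excess.
    mw_excess=$(( 0$mw_mode & ~0$2 & 07777 ))
    [ "$mw_excess" -eq 0 ]
}

# audit_file FILE CEILING OWNER
# Prints one result line; returns 0 on pass, 1 on fail, 2 if FILE is missing.
audit_file() {
    af_owner=$(stat -c '%U' "$1" 2>/dev/null) || {
        echo "MISSING $1"
        return 2
    }
    if [ "$af_owner" != "$3" ]; then
        echo "FAIL $1: owner is $af_owner, expected $3"
        return 1
    fi
    if mode_within "$1" "$2"; then
        echo "PASS $1: mode $(stat -c '%a' "$1") is within $2"
        return 0
    fi
    echo "FAIL $1: mode $(stat -c '%a' "$1") exceeds $2"
    return 1
}

# Ceilings below are the ones stated in the thread; adjust to local policy.
status=0
audit_file /etc/passwd 0644 root || status=1
audit_file /etc/shadow 0600 root || status=1
# status is 1 if any check failed or a file was missing.
```
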
