[SunHELP] passwd file (need to be world readable)


Thu Oct 31 16:47:16 CST 2002


I'm not sure what the fallout would be but you should be able to set it
non-world readable and still be able to login, change passwords, etc.  Other
applications might complain some.

-M

-----Original Message-----
From: Edward Chase [mailto:echase at studentweb.providence.edu]
Sent: Thursday, October 31, 2002 3:13 PM
To: Donaldson, Mark; sunhelp at sunhelp.org
Subject: RE: [SunHELP] passwd file (need to be world readable)


So, it doesn't need to be?

Reason I ask is that we run our mail services on a Solaris box.  Someone 
recently pretty much emailed our whole student body.  The only way I can 
see that to get such a complete list is for one of our students to grab 
/etc/passwd

It's kind of late now, but it made me think of how they could have gotten 
all the email addresses...

Now, no more FTP to the box (some used it as a place to drop files and pick 
up offcampus) and most users do not have shell access.  Since my web based 
email password change utility, there is no real need to telnet to the box.



At 01:44 PM 10/31/2002 -0700, Donaldson, Mark wrote:

>Basically it's traditional.  It's an expectation from way back that the 
>passwd file is readable by anyone.
>
>The response to the worry about security is to use a shadow password file.
>
>-M
>
>-----Original Message-----
>From: Edward Chase 
>[<mailto:echase at studentweb.providence.edu>mailto:echase at studentweb.providen
ce.edu] 
>
>Sent: Thursday, October 31, 2002 1:27 PM
>To: sunhelp at sunhelp.org
>Subject: [SunHELP] passwd file (need to be world readable)
>
>Hello there,
>
>Does the /etc/passwd file need to be world readable?
>
>If so, why?
>
>
>---------------------------------------------------------------
>   Edward F. Chase III     |   echase at studentweb.providence.edu
>   Providence 
> College      | 
> <http://studentweb.providence.edu>http://studentweb.providence.edu
>   Computer Services       |
>   Providence, RI  02918   |
>_______________________________________________
>SunHELP maillist  -  SunHELP at sunhelp.org
><http://www.sunhelp.org/mailman/listinfo/sunhelp>http://www.sunhelp.org/mai
lman/listinfo/sunhelp 



More information about the SunHELP mailing list