The officially official Devuan Forum!

You are not logged in.

#1 2022-03-11 08:36:23

SpongeBOB
Member
From: Brussels
Registered: 2022-02-07
Posts: 114  

Secure /etc/passwd ?

Hi everyone,

I see that by default the file /etc/passwd is 644

Is it not insecure that Others have read permissions ? I'm not feeling comfortable with that...

I change it to 640 but of course when I log-in with a user that start startxfce4 it's won't launch the GUI and stay in CLI...

I would like to give the correct ACL permissions to make xcfe start, but I don't even know witch account should have read acces ??

Thanks


Linux noob, plz be kind big_smile

Offline

#2 2022-03-11 09:08:09

Head_on_a_Stick
Member
From: London
Registered: 2019-03-24
Posts: 3,125  
Website

Re: Secure /etc/passwd ?

SpongeBOB wrote:

Is it not insecure that Others have read permissions ?

No. The actual passwords are encrypted and stored under /etc/shadow as per passwd(5).

SpongeBOB wrote:

I change it to 640

Change it back. Many utilities use that file to map user IDs to user names. It should be world-readable.

EDIT: use pwck(8) & grpck(8) to verify the integrity and validity of /etc/passwd,/etc/shadow & /etc/group.

Last edited by Head_on_a_Stick (2022-03-11 09:20:51)


Brianna Ghey — Rest In Power

Offline

#3 2022-03-11 14:25:17

SpongeBOB
Member
From: Brussels
Registered: 2022-02-07
Posts: 114  

Re: Secure /etc/passwd ?

Thank you HOAS,

I knew that the actual password are stored in /etc/shadow.

But I found curious that any user account can list the full list of user registered on the machine..


Linux noob, plz be kind big_smile

Offline

#4 2022-03-12 14:32:14

hevidevi
Member
Registered: 2021-09-17
Posts: 230  

Re: Secure /etc/passwd ?

I think alpinelinux has a way of hiding users in /etc/passwd. Im not on alpine at the moment but from memory last time i looked my user was called "linux user" in /etc/passwd but user name aka /home/username was hevidevi. Ill have to revisit alpine again to understand more.

Edit to add. Alpine linux was absent the shadow file/package from base install afaik.

Last edited by hevidevi (2022-03-12 14:41:13)

Offline

Board footer