Secure /etc/passwd ?

SpongeBOB · 2022-03-11 08:36:23

Hi everyone,

I see that by default the file /etc/passwd is 644

Is it not insecure that Others have read permissions ? I'm not feeling comfortable with that...

I change it to 640 but of course when I log-in with a user that start startxfce4 it's won't launch the GUI and stay in CLI...

I would like to give the correct ACL permissions to make xcfe start, but I don't even know witch account should have read acces ??

Thanks

Head_on_a_Stick · 2022-03-11 09:08:09

SpongeBOB wrote:

Is it not insecure that Others have read permissions ?

No. The actual passwords are encrypted and stored under /etc/shadow as per passwd(5).

SpongeBOB wrote:

I change it to 640

Change it back. Many utilities use that file to map user IDs to user names. It should be world-readable.

EDIT: use pwck(8) & grpck(8) to verify the integrity and validity of /etc/passwd,/etc/shadow & /etc/group.

Last edited by Head_on_a_Stick (2022-03-11 09:20:51)

SpongeBOB · 2022-03-11 14:25:17

Thank you HOAS,

I knew that the actual password are stored in /etc/shadow.

But I found curious that any user account can list the full list of user registered on the machine..

hevidevi · 2022-03-12 14:32:14

I think alpinelinux has a way of hiding users in /etc/passwd. Im not on alpine at the moment but from memory last time i looked my user was called "linux user" in /etc/passwd but user name aka /home/username was hevidevi. Ill have to revisit alpine again to understand more.

Edit to add. Alpine linux was absent the shadow file/package from base install afaik.

Last edited by hevidevi (2022-03-12 14:41:13)

The officially official Devuan Forum!

#1 2022-03-11 08:36:23

Secure /etc/passwd ?

#2 2022-03-11 09:08:09

Re: Secure /etc/passwd ?

#3 2022-03-11 14:25:17

Re: Secure /etc/passwd ?

#4 2022-03-12 14:32:14

Re: Secure /etc/passwd ?

Board footer