When check the /etc/passwd file permissions, I discover that all user have the read permission to it.
$ ls -l /etc/passwd
-rw-r--r--. 1 root root 3381 2015-11-04 11:02 /etc/passwd
Is it a security hole? Why or why not?
Asked
Active
Viewed 2,534 times
1 Answers
6
Is it a security hole? Why or why not?
No, it isn't. /etc/passwd should be readonly to users (-rw-r--r--). It is sometimes called the user database. That should give us a clue as to why it needs to be readable by everyone. Any utility that inspects file metadata needs to be able to read /etc/passwd (and so /etc/group) in order to be able to resolve the numerical IDs used by the kernel and its subsystems to the human-friendly names that we rely on. Tools that need to find your home directory look that information up in /etc/passwd, and inet miniservers like fingers look up your details in /etc/passwd.
As has been pointed out elsewhere, there is no particularly sensitive data in the file, as modern systems put the password hashes in /etc/shadow file, which is readonly by root.
Tung Tran
- 4,023