Date: Tue, 10 Nov 1998 11:32:50 -0600
From: HD Moore <hdmoore@USA.NET>
Subject: world-readable shadow backups in SuSe 5.2
To: BUGTRAQ@NETSPACE.ORG

<( problem )>

The _first_ set of shadow backups created on SuSe 5.2 is world readable. This includes '/etc/shadow-' and the original root pass in '/etc/shadow.orig'. I duplicated this on 3 different systems where I had just installed SuSe 5.2 with shadowed passwd support.

<( fix )>

The way to fix this is to just delete all the backup copies; when they are re-created they have the right permissions.

<( conclusion )>

Is this an isolated incident with SuSe, or is it a problem inherent to shadow? I know this isn't the first case I've seen of default shadow backups being world readable (or shadow.tmp's on SunOs). Could some other package be responsible for changing permissions on these?
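
A check for the condition this post describes, added here as an example and not part of the original message: it lists the shadow file and its backups (shadow-, shadow.orig, shadow.tmp) that carry the read bit for "other". The function names and the directory argument are assumptions of the example, `-maxdepth` requires GNU or BSD find, and the second function tightens permissions in place rather than deleting the backups as the post does.

```shell
#!/bin/sh
# Added example: audit for world-readable shadow files and backups.
# File names covered are the ones named in the post: shadow-, shadow.orig
# and shadow.tmp, plus the live shadow file itself.

# List shadow files in directory $1 (default /etc) that are readable by
# "other". Prints one path per line, sorted; prints nothing when clean.
find_exposed_shadow() {
    dir=${1:-/etc}
    find "$dir" -maxdepth 1 -type f \
        \( -name 'shadow' -o -name 'shadow-' -o -name 'shadow.*' \) \
        -perm -004 -print | LC_ALL=C sort
}

# Remove all "other" permission bits from every file reported above.
# Owner and group bits are left alone, so a root:shadow 0640 layout
# on the live file keeps working.
restrict_exposed_shadow() {
    find_exposed_shadow "$1" | while IFS= read -r f; do
        chmod o-rwx "$f" && echo "restricted: $f"
    done
}

# Typical use, as root:
#   find_exposed_shadow /etc        # report only
#   restrict_exposed_shadow /etc    # report and tighten
```

Any file the first function reports has already been readable by every local account, so the hashes in it should be treated as disclosed and the passwords changed.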