Date:	Tue, 10 Nov 1998 11:32:50 -0600
From:	HD Moore <hdmoore@USA.NET>
Subject:      world-readable shadow backups in SuSe 5.2
To:	BUGTRAQ@NETSPACE.ORG

<( problem )>

The _first_ set of shadow backups created on SuSe 5.2 are world readable.
This includes '/etc/shadow-' and the original root pass in
'/etc/shadow.orig'.  I duplicated this on 3 different systems where I had
just installed SuSe 5.2 with shadowed passwd support.

<( fix )>

The way to fix repair is to just delete all the backup copies and when they
are re-created they have the right permissions.

<( conclusion )>

Is this an isolated incident with SuSe, or is it a problem inherent to
shadow?  I know this isn't the first case I've seen default shadow backups
being world readable (or shadow.tmp's on SunOs).  Could some other package
be responsible for changing permissions on these?