Penetration Testing mailing list archives

Re: EXAMPLE: Why OOO is *BAD* [WAS: Re: OOO FLAME]


From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Tue, 16 Sep 2008 09:44:41 +0100

Alexandru Bradescu-Popa wrote:
Interesting security procedures they have. Help-desk with access on
/etc/shadows. No written request for highly sensitive files. They'll pass with
flying colors any security audit.

Helpdesk often has access to /etc/shadow - admittedly, this should be
via privileged executables (passwd and adduser/rmuser etc with the suid
bit set) but I imagine the number of sites where they couldn't be
bothered to set up a second set of (set privileged) binaries for the
helpdesk, per machine, and just gave them root, is quite high - but
resetting user passwords is a common helpdesk function.

I suspect that most don't know what /etc/shadow is, or why it should be
kept secure - after all "passwords are in /etc/passwd, aren't they?"

I would also suspect that a request for /etc/passwd would have met with
more resistance, purely because of that :)

