RE: entry in /etc/passwd
From: Aaron Sierra (AaronS@webex.com)Date: 05/03/02
- Previous message: Jon Leonard: "Re: entry in /etc/passwd"
- Maybe in reply to: Yannis Nikolopoulos: "entry in /etc/passwd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Aaron Sierra <AaronS@webex.com> To: "'focus-linux@securityfocus.com'" <focus-linux@securityfocus.com> Date: Thu, 2 May 2002 16:27:15 -0700
Per CIS hardening standard:
"'+' entries in various files used to be markers for systems to insert data
from NIS
maps at a certain point in a system configuration file. These entries are no
longer
required on Solaris systems, but may exist in files that have been imported
from other
platforms. These entries may provide an avenue for attackers to gain
privileged
access on the system, and should be deleted if they exist."
You may also want to check other files:
grep '^+:' /etc/passwd /etc/shadow /etc/group
- Previous message: Jon Leonard: "Re: entry in /etc/passwd"
- Maybe in reply to: Yannis Nikolopoulos: "entry in /etc/passwd"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
