On Wed, 14 Aug 1996, Jerzy Kakol wrote: > > ...the attribute readable for others in case of the file /etc/passwd? > > Recently my debian system was cracked by several pirates. They have > account name and the password widely broadcasted on an IRC channel. The > only way, as I guess, they grabed root's privilages was free access to > /etc/passwd. > Is there a free and debianized shadow-password package? >
One of the first things to remember is to use an Alpha numeric and special character password for root that usually fixes 99.99% of all hackers from gaining root access. We use NIS and our users are able to read the password entries for everyone however we tell users this and tell them how to create a secure password. :) Matt Sorry to be sarcastic but I can be that way at times :)
