Date: Sun, 20 Mar 2005 20:03:58 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: "H. S." <security@revolutionsp.com> Cc: freebsd-hackers@freebsd.org Subject: Re: passwd & permissions Message-ID: <20050320200358.GA59392@walton.maths.tcd.ie> In-Reply-To: <49296.81.84.174.5.1111346817.squirrel@mail.revolutionsp.com> References: <49296.81.84.174.5.1111346817.squirrel@mail.revolutionsp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 20, 2005 at 01:26:57PM -0600, H. S. wrote: > I'm using FreeBSD on various servers for many time now, and there is > something that always bothered me. It is related to /etc/passwd and > /etc/pwd.db permissions. > > I have custom (0640) permissions on these files. However, each time a user > changes his/her password, the system will reset the password file > permissions back to the original (rw r r). I think these files would be rebuilt by the pwd_mkdb utility. You should be able to change it to rebuild the files with different permissions. See the PERM_INSECURE and PERM_SECURE constant pwd_mkdb.c. (I'm not really sure about the wisdom of making passwd and pwd.db have permissions 640, but I guess you know your system best.) David.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050320200358.GA59392>