turn the /etc/shadow argument on its head
Posted Apr 27, 2006 15:59 UTC (Thu) by JoeBuck
In reply to: turn the /etc/shadow argument on its head
Parent article: The AppArmor debate begins
I know only a little about SELinux, but I believe that you are incorrect. Programs that use /etc/shadow for password authorization can check the security label; if it is not set to the proper value, authorization can be made to fail. So if you manage to make /etc/shadow point to a new file, you only achieve denial-of-service: no one can log in.
But even if this check is not made, ordinary users can make a hard link to /etc/shadow if they have write access to a directory in the same filesystem as /etc. Ordinary users cannot make /etc/shadow point to a different file unless they have already cracked root. So you haven't quite turned the argument on its head: it is easier to add new names than to change what a name refers to.
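The comment describes two defensive checks a program consuming /etc/shadow can make: verify the file's security label before trusting it, and notice when an extra name (hard link) or a redirected path points at something that is not the real shadow file. The following is an added example, not code from the commenter or from SELinux; it reads the `security.selinux` extended attribute with `os.getxattr` (Linux only) and inspects the inode with `os.lstat`. The expected label string and the `check_shadow_like_file` / `demo` function names are assumptions for illustration; the sample file contents in `demo` are constructed.

```python
import os
import stat
import tempfile

# Assumed label: the conventional SELinux context for /etc/shadow on
# reference-policy systems. A real program would read it from its policy.
EXPECTED_LABEL = b"system_u:object_r:shadow_t:s0"


def read_selinux_label(path):
    """Return the file's SELinux context, or None if unavailable (non-Linux,
    no SELinux, or xattr not readable). Does not follow symlinks."""
    getxattr = getattr(os, "getxattr", None)
    if getxattr is None:
        return None
    try:
        return getxattr(path, "security.selinux", follow_symlinks=False).rstrip(b"\0")
    except OSError:
        return None


def check_shadow_like_file(path, expected_label, label_reader=read_selinux_label):
    """Return a list of reasons NOT to trust `path` as the shadow file.
    An empty list means every check passed."""
    problems = []
    st = os.lstat(path)  # lstat: a symlink at this path is itself suspicious

    if stat.S_ISLNK(st.st_mode):
        problems.append("path is a symlink, not the file itself")
    elif not stat.S_ISREG(st.st_mode):
        problems.append("path is not a regular file")

    if st.st_uid != 0:
        problems.append("file is not owned by root (uid %d)" % st.st_uid)

    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("file is group- or world-accessible (mode %o)" % (st.st_mode & 0o777))

    # The commenter's point: an ordinary user can add a second name to the
    # same inode. st_nlink > 1 makes that visible even though the content
    # behind /etc/shadow is unchanged.
    if st.st_nlink > 1:
        problems.append("file has %d hard links; an extra name exists" % st.st_nlink)

    # Label check: if the name has been pointed at a different file, that
    # file carries a different context and authentication should fail
    # closed rather than read attacker-supplied data.
    label = label_reader(path)
    if label != expected_label:
        problems.append("security label %r is not the expected %r" % (label, expected_label))

    return problems


def demo():
    """Build a constructed shadow-like file in a temp dir, check it clean,
    then add a hard link and swap in a wrong label to show what is flagged.
    Returns (clean_problems, tampered_problems)."""
    d = tempfile.mkdtemp()
    p = os.path.join(d, "shadow")
    with open(p, "wb") as f:
        f.write(b"root:*:19000:0:99999:7:::\n")  # constructed sample line
    os.chmod(p, 0o600)

    # A label_reader stub stands in for a system where the xattr is present.
    clean = check_shadow_like_file(p, EXPECTED_LABEL, label_reader=lambda _: EXPECTED_LABEL)

    os.link(p, os.path.join(d, "shadow-alias"))  # extra name, same inode
    wrong = b"unconfined_u:object_r:user_home_t:s0"
    tampered = check_shadow_like_file(p, EXPECTED_LABEL, label_reader=lambda _: wrong)
    return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean file:", before or "no problems")
    print("after link + relabel:", after)
```

On a system without SELinux, `read_selinux_label` returns `None`, so the label check fails closed, which is the behaviour the comment argues for: a missing or wrong label turns a redirection attempt into a denial of service rather than a successful read of attacker-controlled data. The ownership check is reported but not asserted on in `demo`, since the test file is owned by whoever runs the script.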