[svlug] Should my /etc/passwd really be mode 644?

Michael Eager eager at eagercon.com
Fri Oct 2 22:58:36 PDT 2015


On 10/02/2015 05:24 PM, Steve Litt wrote:
> Hi all,
>
> I just noticed on my Void Linux VM and on my Void laptop, /etc/passwd
> is world readable. I set it to mode 600, and the whoami command stopped
> working. Then I looked at my Debian Wheezy box, and both these files
> are also world readable on Wheezy.
>
> I don't want others knowing the usernames of all accounts on my
> computer. What am I missing here?

Lots of non-privileged programs use /etc/password to translate
UID to username or vice versa.  For example, how would 'ls' be able
to print the name of the owner of a file or 'ps' tell you whose
program was running if it couldn't do the translation?

It might be possible to redesign everything to make /etc/passwds
non-world-readable, but you probably would not gain much in security.
If you permit translation from UID to username (so that you can list
file or process owners, or even who is logged in) you can essentially
recreate /etc/passwd without being able to read it.  If you
don't permit this kind of translation, then all you know is
that some file or process is owned by <random-number>.  Of course,
you could make all of these operations privileged and only allow
root to run them, but that would probably make life difficult.

-- 
Michael Eager	 eager at eagercon.com
1960 Park Blvd., Palo Alto, CA 94306  650-325-8077



More information about the svlug mailing list