cancel
Showing results for 
Search instead for 
Did you mean: 

/etc/passwd file

Jason Armitage
Occasional Visitor

/etc/passwd file

On a trusted system, the root entry in the password file looks like this:

root::0:3::/:/sbin/sh

On all trusted other systems, it looks like this:

root:*:0:3::/:/sbin/sh

What impact is this causing, if any?
"People who won't suffer fools gladly must find solitude intolerable"
5 REPLIES
Chartier Jerome
Frequent Advisor

Re: /etc/passwd file

Hi,

the first one seems to have no passwd and the second one is shadowed

Regards

JC
J@Y
Jose Mosquera
Honored Contributor

Re: /etc/passwd file

Hi,

passwd file fields are splited by ":" character, second field correspond to password entry, in the first case root password is blank, second case is shadowed.

Rgds.
Jason Armitage
Occasional Visitor

Re: /etc/passwd file

Thanks for your replies. Both of you agree that the in first example the root password is blank. However, when I su to root I have to enter a password, suggesting the password is not blank?
"People who won't suffer fools gladly must find solitude intolerable"
Shannon Petry
Honored Contributor

Re: /etc/passwd file

This just means that before conversion, the password was blank. A trusted system does not use /etc/passwd for authentication.

/etc/passwd on a trusted system is only used for some system calls like getuid, getgid, etc... As long as the shell, UID and GID are valid, your fine. Just note if/when you convert the system back to normal from trusted the root password will be blank.

Regards,
Shannon
Microsoft. When do you want a virus today?
Jose Mosquera
Honored Contributor

Re: /etc/passwd file

yeap,

On trusted systems the encrypted password will no longer reside in /etc/passwd. There will be in a new directory /tcb.

Rgds.