Lab: Passwords

Follow Up

• To do this step:
  • You should have performed the other steps in this lab.
• Instructions:
  • In this section please create a word document containing the answers to the following portions.
  • Include the item number and sub-number with your answers.
  • Include full answers/descriptions. Do not be a minimalist.
  • When ask, or when it supports your answer, include a screen shot. Make sure you explain how your screen shot demonstrates/supports your answer.
• Answer:
  1. How would changing permissions on the files /etc/passwd or /etc/shadow impact the system?
  2. Would you consider the password system a threat, vulnerability or a control? Or even multiples of these? Please justify your answer.
  3. In earlier versions of the password file, the encrypted password was stored in the second field. Why was this problematic?
• Investigate
  1. Change the permissions on the password file.
     • You can change file permissions using the chmod command.
       • chmod (ugo)+/-(rwx) filename
       • The (ugo) can be any subset, the users you wish to change permission for.
       • Use either + to add permission or - to remove permission
       • (rwx) can be any combination of the permissions you wish to change.
     • As user bob, try sudo chmod o-r /etc/passwd
       • After this is complete the password file should have permissions

         •  rw-r------ 1 root ...

     • Experiment as a user, what has happened?
       • Try ls -l, id, su sue, whoami, ps -ef
     • reset the permission sudo chmod o+r /etc/passwd
       • Try these commands again.
     • In your document discuss the importance of the permissions on the password file.
  2. Change Alice's user id to be Bob's user id.
     • Then su to alice
     • Describe what happens.
       • Try creating files.
     • In your document, describe the importance of the userid.

Required Files