/etc/passwd permissions problems
Distribution: Red Hat Linux 9
I was reading something on Unix-flavors security yesterday... it talked about editing /etc/passwd... and my first thought was, "come on, it can't be THAT easy." So... I booted up my system and logged in as a normal user, and went to look at /etc/passwd. I noticed something very, very odd about its permissions settings in the properties window. The text and numbers didn't match. It looked like this:
Now, I may not be an authority on chmod, but I KNOW those don't match. According to one, I only had read access, and to the other, execute and read. And it turned out that NEITHER were right, because I was able to load it into gedit and add a happy new root account with no password. (Sheesh, it took maybe fifteen seconds to figure out how to format it...)
Okay, that worked great, (I'm curious of the mechanics of it, as it happens... when you su into an account, whom do you get logged as? And what if it says Bash-2.05b# or something like that?) and today I went back to try it again, trying to append a string from the command line instead... and it didn't work. Huh?
Checked the permissions... they still don't match, but now it says 644. When did this happen? How? Why? And what's the deal with the two permissions not matching?...
Thanks in advance for any enlightenment you have to offer :idea: