Exam GPEN
Question 19

How can a non-privileged user on a Unix system determine if shadow passwords are being used?

    Correct Answer: A

    A non-privileged user on a Unix system can determine if shadow passwords are being used by reading the /etc/passwd file and looking for 'x' or 'II' in the second colon-delimited field. This field indicates that the actual encrypted passwords are stored in the /etc/shadow file, which provides enhanced security. Non-privileged users do not have access to read the /etc/shadow file directly to check for password-related information.
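The check described in the explanation, written out as an added example that is not part of the original page: it classifies the second colon-delimited field of each passwd-format entry and reports whether any hashes remain in the world-readable file. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify field 2 of passwd(5)-format entries.
# FILE defaults to /etc/passwd, which any local user can read.

# Constructed sample entries (not from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
legacy:ab0123456789A:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
EOF
}

# Prints "<user><TAB><class>" for every entry in FILE.
passwd_field_report() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                        # skip comments and blank lines
        $2 == "x"  { print $1 "\tshadowed"; next }       # hash is kept in /etc/shadow
        $2 == ""   { print $1 "\tempty"; next }          # no password required
        $2 ~ /^\$/ { print $1 "\thash-in-passwd"; next } # modular crypt: $id$salt$hash
        length($2) == 13 && $2 ~ "^[./0-9A-Za-z]+$" {
                     print $1 "\thash-in-passwd"; next } # traditional 13-char DES crypt
                   { print $1 "\tplaceholder" }          # "*" or another non-hash marker
    ' "${1:-/etc/passwd}"
}

# Prints "yes" when entries are shadowed and no hash is left in FILE,
# "mixed" when some hashes are still world-readable, "no" when nothing is shadowed.
shadow_in_use() {
    passwd_field_report "$1" | awk -F'\t' '
        $2 == "shadowed"       { s++ }
        $2 == "hash-in-passwd" { h++ }
        END { if (s && !h) print "yes"; else if (s) print "mixed"; else print "no" }
    '
}
```

Run `shadow_in_use` with no argument to check the local system; a result of "mixed" or "no" means password hashes are exposed to every local user and should be migrated to the shadow file.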

Discussion
devnull Option: A

The correct answer is A. Non-privileged users cannot read /etc/shadow.

Omo_Mushin Option: B

Normally A would be correct - but reading further, there are other arguments that say B is very possible.
https://superuser.com/questions/1391307/how-could-a-hacker-access-the-etc-shadow-file-if-it-is-only-accessible-by-root
https://unix.stackexchange.com/questions/90929/why-have-programs-like-su-access-to-etc-shadow