nerdexam
CompTIA

LX0-104 · Question #489

Why is /etc/shadow not world readable if the passwords are stored in an encrypted fashion?

The correct answer is A. The encrypted passwords are still subject to brute force attacks.. The /etc/shadow file is not world-readable because even encrypted password hashes are vulnerable to offline brute-force and dictionary attacks if an unauthorized user gains access to them.

Security

Question

Why is /etc/shadow not world readable if the passwords are stored in an encrypted fashion?

Options

  • AThe encrypted passwords are still subject to brute force attacks.
  • BThis is just for historical reasons.
  • CThere is other information in the file that needs to be kept secret.
  • DThe passwords can be decrypted by anyone with root access.

How the community answered

(38 responses)
  • A
    89% (34)
  • B
    5% (2)
  • C
    3% (1)
  • D
    3% (1)

Why each option

The /etc/shadow file is not world-readable because even encrypted password hashes are vulnerable to offline brute-force and dictionary attacks if an unauthorized user gains access to them.

AThe encrypted passwords are still subject to brute force attacks.Correct

Although passwords are stored as hashes in /etc/shadow, not reversible encryption, these hashes can still be subjected to offline brute-force or dictionary attacks if an attacker obtains the file. Restricting read access to root prevents non-privileged users from attempting to crack password hashes, thus enhancing system security.

BThis is just for historical reasons.

The restricted permissions of /etc/shadow are a fundamental security measure based on current best practices, not merely a historical artifact.

CThere is other information in the file that needs to be kept secret.

While /etc/shadow does contain other sensitive information like account expiration dates, the primary reason for its strict permissions is to protect the password hashes themselves from cracking attempts.

DThe passwords can be decrypted by anyone with root access.

Password hashes cannot be "decrypted" in the traditional sense, even by root; root can reset or change passwords, but not retrieve the original plaintext password from its hash.

Concept tested: /etc/shadow security importance

Source: https://man7.org/linux/man-pages/man5/shadow.5.html

Topics

#/etc/shadow#password security#brute-force attacks#file permissions

Community Discussion

No community discussion yet for this question.

Full LX0-104 Practice