hi buddies anybody know how to increase security of /etc/passwd Folder in the CPanel? what file permission is secure for this folder? tnx a lot
I was doing some research on this myself, it appears that the most secure method is to store an encrypted user file with apache, however this is not an option for most shared accounts, so I was looking around at how to manage this, I think it will require some out of the box thinking, pun intended. running an off site but secure script might still be a challenge as well as a security risk.
If you are on a shared platform, you won't be able to secure /etc/passwd file. It is the system admins who needs to secure it. If you are referring to the /home/your-username/etc/passwd file, it holds the details of your email account. It can be accessed only with your cPanel and root user. Other cPanel accounts cannot access it.
By default, /etc/passwd is "shadowed" so there are no actual password stored in there, but the usernames and UIDs are. As was mentioned, you won't be able to do much about this with a shared account..
There is nothing much can be done except full disk encryption. Regarding the file permission it should be 644 btw /etc/shadow is the file where passwords are stored which has by default 600 permission set.