|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Wednesday, 16 May 2001||Author: John R. Morris|
|Published to: enchance_articles_security/Basic Security Articles||Page: 1/1 - [Printable]|
Linux Security Advice: suid Programs
Today senior administrator John Morris reminds us of the dangers of
|Page 1 of 1|
This is not going to be another article on
Here's the scenario. You've got a Linux server, and of course you've: gotten rid of unneeded services, you only installed the packages you needed, and you've patched them to the most current version. For whatever reason, you have users on your system, with shell access. But you want to make sure they can't do anything more than what you allow them to.
First, make a list of all the things every user needs access to: programs, services, and directories. Now sort out groups of users who need more access. For example, programmers will need access to the GNU debugger, gdb, but no one else really should. Once you have your list of general user requirements, and then specific group requirements, you can start restricting access for each group, and adding users to those groups. Each system will have different needs along these lines, but you see the general idea.
Now, it would be good idea to restrict access to things like gdb, some networking tools, and so forth, since they can be used to crack system security and similar things. But the first thing you should get rid of is anything that is
Some things, like
That will return a list of
The Tricky Part
The tricky part in all this is determining what the program in question actually needs access to. The way I usually do that, if I don't already know, is by setting it to run normally, by
John R. Morris email@example.com Sr. Unix System Administrator & Penguin devotee, Nerdality Consulting.
|Page 1 of 1|