A.7 Chapter 6: Filesystems and Security


  • Learn about the useful options to your version of the ls command.

  • If your system has access control lists (ACLs), learn how to use them. Remember: do not depend on ACLs to protect files on NFS partitions.

  • Set your umask to an appropriate value (e.g., 027 or 077).

  • Never write SUID/SGID shell scripts.

  • Periodically scan your system for SUID/SGID files.

  • Disable SUID on disk partition mounts (local and remote) unless it is necessary.

  • Determine if write, chmod, chown, and chgrp operations on files clear the SUID/SGID bits on your system. Get in the habit of checking files based on this information.

  • Scan for device files on your system. Check their ownerships and permissions to ensure that they are reasonable.

  • Consider using a cryptographic filesystem for sensitive data.
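
The periodic SUID/SGID scan, the device-file scan, and the check of whether a write, chown, or chgrp clears the SUID bit can be scripted as below. This is an added example, not code from the book; the function names `scan_special`, `new_since_baseline`, and `bit_after` are hypothetical, and filenames containing newlines are not handled.

```shell
#!/bin/sh
# Added example: audit helpers for the checklist items above.
LC_ALL=C; export LC_ALL   # stable sort order so comm(1) compares correctly

# scan_special ROOT
# Print "mode uid gid path" for every SUID/SGID regular file and every
# block/character device under ROOT, staying on one filesystem (-xdev).
scan_special() {
    find "$1" -xdev \( -type f \( -perm -4000 -o -perm -2000 \) \
        -o -type b -o -type c \) -exec sh -c '
        for f do
            ls -ldn -- "$f" | {
                read -r mode links uid gid rest
                printf "%s %s %s %s\n" "$mode" "$uid" "$gid" "$f"
            }
        done' sh {} + | sort
}

# new_since_baseline BASELINE CURRENT
# Print entries in CURRENT that are absent from BASELINE. Both files must be
# scan_special output. A changed mode or owner shows up as a new entry.
new_since_baseline() {
    comm -13 "$1" "$2"
}

# bit_after OP
# Set SUID on a scratch file owned by the caller, apply OP (write, chown or
# chgrp), and report whether this system kept or cleared the bit.
bit_after() {
    t=$(mktemp) || return 1
    chmod 4755 "$t"
    case $1 in
        write) echo x >> "$t" ;;
        chown) chown "$(id -u)" "$t" ;;
        chgrp) chgrp "$(id -g)" "$t" ;;
        *) rm -f "$t"; return 2 ;;
    esac
    if [ -u "$t" ]; then echo kept; else echo cleared; fi
    rm -f "$t"
}
```

Run `scan_special` as root once per filesystem, save the output as the baseline, and review anything `new_since_baseline` prints on later runs. The answer from `bit_after` can differ between root and an unprivileged user, so run it as both.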



Practical Unix & Internet Security, 3rd Edition
ISBN: 0596003234
EAN: 2147483647
Year: 2003
Pages: 265
