In this chapter, you saw that numerous things can be done to make the server environment more secure. In harmony with the concept of running only services that are necessary, accounts must be audited and maintained even on freshly installed servers. On the user environment side, the chapter examined the Pluggable Authentication Module (PAM) and discussed how it can be used to control system access. PAM is a powerful tool that can be used to control system access, resource consumption, as well as standard approaches to authentication. In terms of consumable resources, this chapter touched on the disk quota system and examined how it can be used to prevent running out of disk space. To further protect the environment, you saw that it is possible to reduce the number of users who have access to elevated privileges. At the same time, you saw that, for those individuals who do need powerful commands, you can grant them a command set tailored to their needs. |