[oclug] In house security
rjordan at student.math.uwaterloo.ca
Mon Aug 13 13:20:34 EDT 2001
No, not without severally disabling your system.
I.E. if you change the /etc/passwd file to root read-only, then
no one will be able to log in.
It is definitely a good idea to tighten permissions -- it just
needs to be done on a case by case basis, and tested to make
sure nothing gets broken.
That said, most of the linux distros have *decent* default
permissions that only need minor tweaking.
> Greetings all,
> I am considering increasing the security on my gateway which is linux
> box and I wanted to restrict access to commands on that system from
> people on our internal network. Can I change all the files in /sbin and
> /etc to be
> read only by root or change the permissions from 755 to 754 or 750. I
> have found evidence of people just poking around the system for reasons
> of their own and I am not sure what a secure gateway/server should look
> like to the inside user.
> If I can do this with adversely effecting the systems operations then
> what other directories can I change permissions on. Also is there a way
> of restricting access of just one individual?
> oclug mailing list
> oclug at lists.oclug.on.ca
"AOL's actions are unprecedented and completely anti-consumer.
AOL is paying [computer makers] to eliminate consumer choice,
forcing people to select the most expensive service in the
--Vivek Varma, Microsoft spokesman.
More information about the OCLUG