LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-30-2011, 07:11 AM   #1
svu
Member
 
Registered: Apr 2005
Distribution: Slackware 13.37
Posts: 36

Rep: Reputation: 1
passwords in configuration files (right way to protect them ?)


Hi,

I've been setting up my /etc/profile file with the correct parameters that our proxyserver needs.

This includes identification via username and password on the proxyserver.

If I look at the default file permissions... everyone has read permission on the /etc/profile file.
This means the password I've entered is visible to everyone if I don't do anything to "fix" this...

Are there certain options to protect these types of configuration files other than just changing the permissions ?

Also, can changing permissions to keep configuration files from being read by "unauthorized" users conflict with the normal way things should work or IS changing the permissions in general the right way to keep those passwords or other sensitive information inaccessible to most users ?

Thanks

Last edited by svu; 09-30-2011 at 07:13 AM.
 
Old 09-30-2011, 07:28 AM   #2
Lexus45
Member
 
Registered: Jan 2010
Location: Kurgan, Russia
Distribution: Slackware, Ubuntu
Posts: 352
Blog Entries: 3

Rep: Reputation: 47
hi, svu.

Try to create ~/.bash_profile and put the data there. I haven't tried but I'm sure that you can chmod this file for being read only by you and everything will work well.
http://tldp.org/LDP/Bash-Beginners-G...ect_03_01.html section 3.1.2.

Last edited by Lexus45; 09-30-2011 at 07:30 AM.
 
1 members found this post helpful.
Old 09-30-2011, 01:48 PM   #3
svu
Member
 
Registered: Apr 2005
Distribution: Slackware 13.37
Posts: 36

Original Poster
Rep: Reputation: 1
Thanks, but I seem to prefer the system wide settings via /etc/profile ...
I'm still wondering if it's good practice to chmod the files with sensitive content in them so only the owner (root in this case) can read it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How To Protect Web Page Directories With Passwords ramecare Linux - Server 1 06-27-2011 07:39 AM
how do i view configuration files for passwords and groups? patrickchavez32161 Linux - Newbie 5 04-20-2011 02:00 PM
[SOLVED] Passwords in configuration files bucovaina78 Linux - Security 2 08-31-2010 01:50 PM
mv: how to protect files from being moved hamish Linux - Software 4 09-05-2005 10:15 PM
Need to protect files from people with su ability cotton213 Linux - Security 5 12-10-2004 09:56 PM


All times are GMT -5. The time now is 12:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration