LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-03-2015, 03:11 PM   #1
Boyd Ogonda
LQ Newbie
 
Registered: Jan 2015
Posts: 2

Rep: Reputation: Disabled
securing /etc/profile and /etc/bashrc


Changing umask value for files and directories take effect after reload:
/etc/profile
/etc/bashrc
default permission for all users:
-rw-r--r--
above permission is edited to:
-rw-rw-r--
If a specific user in group having only read permission to a file/directory is created before reload,and Linux server reloads, that user gets rw permission to that file/directory. what is the alternative of securing:
/etc/profile
/etc/bashrc
apart from giving the two files access to root user only, and locking out all other users?
 
Old 03-04-2015, 06:46 AM   #2
wpeckham
Senior Member
 
Registered: Apr 2010
Location: USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 1,650

Rep: Reputation: 568Reputation: 568Reputation: 568Reputation: 568Reputation: 568Reputation: 568
secure?

Not sure the point of the question. Default ownership of those files should be root:root and permissions 644 (rw-r--r--) giving only root write access. If you open the group, it would make no difference UNLESS you add some other account to the root group. (or change a combination of things).

If you want these files more secure: they are already secure as normal ACL controls allow and still function.
 
Old 03-09-2015, 05:47 PM   #3
Boyd Ogonda
LQ Newbie
 
Registered: Jan 2015
Posts: 2

Original Poster
Rep: Reputation: Disabled
Thanks
Default ownership of file is root and only root has write privileges.
Different user I used to login earlier was in root group.
Other users created cannot access the files
 
Old 03-10-2015, 11:53 PM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,817

Rep: Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408Reputation: 2408
Quote:
Different user I used to login earlier was in root group.
There should ONLY be one ( 1 ) user in that group " ROOT"!

If you NEED to give some outer users SOME!!! root control, that is what "SUDO" is for .

if you are really paranoid
use a OS that uses SELinux
RHEL,CentOS,Fedora ( suse ? it can but a custom build )

be aware if the ownership and se context of "bashrc" & "profile" are wrong or edited so that a NON root user can edit it
SELinux will STOP!!!! the boot with a WARNING!!!!

Last edited by John VV; 03-10-2015 at 11:56 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/profile V.S. /etc/bashrc Takayuki Linux - General 12 05-18-2011 12:25 AM
.bashrc / .bash_profile /etc/profile /etc/bashrc deadeyes Red Hat 2 02-13-2010 12:22 PM
Setting path: /etc/profile, /etc/bashrc or ~/.bashrc Swakoo Linux - General 1 08-07-2007 11:59 PM
/etc/profile vs /etc/bashrc maybbach Linux - Newbie 6 04-22-2005 10:50 AM
Where's my .bashrc or .profile t1mc00per Linux - Software 6 03-03-2003 11:35 AM


All times are GMT -5. The time now is 01:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration