Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
We have 4 root users on one linux system.We wish one root user to prevent access syslog.conf file ? So we manage this by defaut or is it possible to patch kernel by lids or gresec ..etc..
An interesting thing since we are dealing with a "root" user is that they will be able to override anything we do.
Absolutelly true, kind of a interesting thing to do. Kind of like a power user in windows xp, which in my opinion is not a good idea by microsoft. linux uses the keep it simple method while microsoft uses some crazy ass skem with their ownership arch. it is ridiculously complicated and you need a PH. D and a ridiculous amount of time to set ownership in any meanifull way. The most secure skem is a simple one, the more complicated it gets the less secure it gets!
Usually, in a situation like this, you really should be using sudo (to better define access rights and log actions) as well as reconsidering the idea of offering rootly powers to someone you worry about needing to restrict.
If you can't trust these people to behave than you really need to carefully define what they should be doing and permit only those actions in sudo. Of course, you need to keep in mind that many things have "outs" which will allow them to break the sudo thing (if you give them vi they can open a root shell for example).
perhaps one way is to change the group of syslog.conf,chown, and chgrp and only add the 3 roots to it and not the last. Of course you would really have to keep going with that idea as root4 will still have loop holes to change the group of the files back to him back to him. You would really have to think of them all and lock him out, very hard and complicated.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.