The fact remains though that by default (i.e., immediately after a fresh install) Windows runs in Administrator mode, and the only way for this Windows "robust security model" you mention to go into effect is for the user to go through a fairly extensive set of manual adjustments, none of which the typical user would have any inkling ought to be performed. As you mention, nobody (MS included) wants to bother with teaching or even mentioning to the ordinary Windows users that a better, more secure way exists. So, while I'd agree that in theory Windows can be made secure (i.e., Windows can support a good security model), the fact is that by default it does not, and in my experience, what exists in practice always trumps what might exist in the theoretical world.
In any case, to return to the topic of keeping your system secure, I'd suggest adding some commentary about managing file permissions, how to use partitions with security in mind (i.e., making /boot a separate partition), and to regularly check for and apply any security patches. Lastly, if you wanted to make this a more formal document, you might also consider submitting it as a Linux Answer since it contains useful pointers.
Originally posted by J.W.
how to use partitions with security in mind (i.e., making /boot a separate partition)
I'd like to know more about this. I specifically asked about this before my current (temporary) installation, and all I gathered was that a separate /boot partition is really only helpful if you need to satisfy the cylinder limitations. Currently I have / on its own partition, but wasn't even sure how big to make it (it's 500MB). Didn't find anything by searching either, but I haven't read through the very long "Securing Debian" document.
I'd also like to learn more about creating a system maintenance account. It would be good to practice setting it up on this temporary account, so that I can implement it on my work machine (recently online!) and on my upcoming installation. I like the concept very much, but since I'm a beginner I struggle with configuration. I specifically haven't worked out how to assign sudo rights to various users for various programs. In fact, when I try to invoke something with sudo from my user account, I get:
<user> is not in the sudoers file. This incident will be reported.
I did "# adduser <user> sudo" but I reckon that wasn't enough.
Originally posted by michapma
I'd like to know more about this.
The /boot directory contains the kernel, so by declaring /boot as a separate partition and mounting it read-only, it becomes more difficult for anyone/anything to try to modify it on the sly.
There's an informative article from SystemExperts entitled "Configuring Secure Linux Hosts" that provides more info.
Another helpful tip is to make /tmp its own partition and mount it noexec. Many exploits of vulnerable Web applications download stuff to /tmp and execute it. I've been burned by this on Web servers a couple of times now (unfortunately I don't always have the final say in what goes onto servers I set up), so I'm going to start doing this by default on Web servers now.
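A check for the two mount settings suggested in the posts above (read-only /boot, noexec /tmp), added here as an example and not written by any of the posters. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit mount options in /proc/mounts format
# (fields: device mountpoint fstype options dump pass).

# mount_has_option FILE MOUNTPOINT OPTION
# 0 = mounted with OPTION, 1 = mounted without it, 2 = not a separate mount.
mount_has_option() {
    awk -v mp="$2" -v want="$3" '
        $2 == mp { found = 1; opts = $4 }   # last entry wins for stacked mounts
        END {
            if (!found) exit 2
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == want) exit 0
            exit 1
        }' "$1"
}

# audit_mounts FILE: report both checks from the thread; returns the failure count.
audit_mounts() {
    failures=0
    for check in /boot:ro /tmp:noexec; do
        mp=${check%%:*}; opt=${check##*:}
        st=0; mount_has_option "$1" "$mp" "$opt" || st=$?
        case $st in
            0) echo "OK    $mp is mounted $opt" ;;
            1) echo "FAIL  $mp is mounted without $opt"; failures=$((failures + 1)) ;;
            2) echo "FAIL  $mp is not a separate mount"; failures=$((failures + 1)) ;;
        esac
    done
    return "$failures"
}

# Constructed sample, not from a real host: /boot is read-only, /tmp lacks noexec.
# A matching /etc/fstab line for /tmp would carry "noexec,nosuid,nodev".
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda1 /boot ext4 ro,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
EOF

audit_mounts "$SAMPLE" || echo "$? check(s) failed"
# On a live system: audit_mounts /proc/mounts
```

A read-only /boot has to be remounted read-write before a kernel update can write to it. noexec blocks direct execution of files on /tmp but not an interpreter reading a script stored there.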
foo_bar_foo: Lawd knows that I do not dispute your arguments that having Windows as a "black box" is distinctly poorer than having full access to the source-code.
And, I do not dispute your assertion that many of even Microsoft's own programmers write sloppy code that demands a level of access that they do not deserve.
The way I see it, there are just some programs .. quite a few programs, in Windows-land .. that you simply cannot use for just that reason. If you decide that you, indeed, must use a particular program, say in order to get paid or something, then designate that program so that it will "run as" Administrator.
Sure, this is a pain in the .. no doubts about that. It's a crock of s**t, in fact, and inexcusable on the part of M$ to leave things this way for so long. But the practice of having to explicitly designate certain programs as Administrative is still much better than allowing every single program that you ever run to have carte blanche access to the system. We have all seen, and read thousands of stories about, what that leads to. This is a way to prevent it. Its use should be status-quo, but it isn't... yet.
Last edited by sundialsvcs; 11-27-2005 at 05:43 PM.
As far as "a system maintenance account" goes... this is simply an "ordinary-Joe userid" that you put on when you are maintaining applications on the system, in other words, stuff that you might put in /usr/local. It's where you keep notes and records about what you've done.
The system maintenance account might have sudo privileges, or more extensive ones. It might belong to groups that other users do not belong to, and when installing new software you newgrp to that group, temporarily giving yourself access to those locations (such as, for example, /usr/local). You see, now these areas are protected in two ways:
You must explicitly log-on to the maintenance account.
While there, you must explicitly use newgrp.
And, "the core system files, kernel-image and so-on" are still read-only to you. By design, your role is expanded, but not unlimited.
It is exactly the same concept as "giving the accountant a private office." Even if there was only one person in your office, namely you, you might still "go into the accountant's office" to do accounting, then "lock the door behind you" when you're through, walking over to the next office to assume that role. It's simply using existing security-facilities in a (self-)disciplined way. Someone who breaks into your office won't find that now all of the doors are unlocked: he can only get to the hallway and the break-room.
Really, we are applying the same "common sense ideas" that we use every day in our homes and offices, to our computers. Even high-powered executives routinely do million-dollar work on personal computers with no thought given to very, very basic security. And automated scripts simply ferret them out. The scripts generally don't "try to break in" ... they look for sitting ducks, and find them by the thousands.
The concept of Access Control Lists (ACLs) is very useful for fine-grained control, but that's beginning to get esoteric. Let's just say that "very fancy control-mechanisms do exist." The main goal to accomplish first is .. simply .. self-disciplined use of the ordinary Linux features, to make one's system "a little less than trivial (actually, a whole lot less than trivial)" to break into.
Last edited by sundialsvcs; 11-27-2005 at 05:57 PM.
Excellent thoughts, and those are the lines I understood it to be along, but just that much more specific. Now I just need to read up on how to use (configure, actually) sudo and groups. The sudo man page shows that the sudoers file uses its own kind of language; even if it's "easy" to learn, you still have to learn it.
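A sketch of per-group and per-user sudo rules for the maintenance-account idea discussed above, added here as an example and not posted by anyone in the thread. The group `maint`, the users and the command list are hypothetical. The coverage check shows one way the "not in the sudoers file" message can arise: membership in a group grants nothing unless a rule names that user or group.

```shell
#!/bin/sh
# Added example. Group "maint", user "alice" and the command list are
# hypothetical; the fragment is constructed, not taken from a real host.

# write_maint_rules FILE: stage a sudoers fragment with mode 0440.
write_maint_rules() {
    cat > "$1" <<'EOF'
# Commands need full paths; arguments listed here must match exactly.
Cmnd_Alias MAINT_PKG = /usr/bin/apt-get update, /usr/bin/apt-get upgrade
Cmnd_Alias MAINT_SVC = /usr/sbin/service apache2 restart
# Members of group maint may run the package commands as root.
%maint  ALL = (root) MAINT_PKG
# One named user may additionally restart one service.
alice   ALL = (root) MAINT_SVC
EOF
    chmod 0440 "$1"
}

# rule_subjects FILE: print who the rules apply to (users and %groups).
# Simplified: ignores User_Alias, netgroups and included files.
rule_subjects() {
    awk '/^[ \t]*(#|$)/ || /^[A-Za-z]+_Alias[ \t]/ || /^Defaults/ { next }
         { print $1 }' "$1" | LC_ALL=C sort -u
}

# user_is_covered FILE USER [GROUP...]: 0 if a rule names USER or one of
# the groups; 1 is the "not in the sudoers file" case.
user_is_covered() {
    file=$1; user=$2; shift 2
    for subject in $(rule_subjects "$file"); do
        [ "$subject" = "$user" ] && return 0
        for g in "$@"; do [ "$subject" = "%$g" ] && return 0; done
    done
    return 1
}

STAGED=$(mktemp)
trap 'rm -f "$STAGED"' EXIT
write_maint_rules "$STAGED"
# bob is in group sudo, but no rule names bob or %sudo, so he is not covered.
user_is_covered "$STAGED" bob users sudo && echo "bob: covered" || echo "bob: not covered"

# On the real host, as root (assumes sudoers includes /etc/sudoers.d):
#   groupadd maint && usermod -aG maint alice   # active at alice's next login
#   visudo -c -f "$STAGED" && install -m 0440 -o root -g root "$STAGED" /etc/sudoers.d/maint
```

On a live system, `sudo -l -U <user>` run as root gives the authoritative list of what a user may run.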