LinuxQuestions.org
Old 11-27-2005, 02:42 PM   #16
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642

Rep: Reputation: 87

The fact remains though that by default (ie, immediately after a fresh install) Windows runs in Administrator mode, and the only way for this Windows "robust security model" you mention to go into effect is for the user to go through a fairly extensive set of manual adjustments, none of which the typical user would have any inkling ought to be performed. As you mention, nobody (MS included) wants to bother with teaching or even mentioning to the ordinary Windows users that a better, more secure way exists. So, while I'd agree that in theory Windows can be made secure (ie Windows can support a good security model) the fact is that by default it does not, and in my experience, what exists in practice always trumps what might exist in the theoretical world.

In any case, to return to the topic of keeping your system secure, I'd suggest adding some commentary about managing file permissions, how to use partitions with security in mind (ie, making /boot a separate partition), and to regularly check for and apply any security patches. Lastly, if you wanted to make this a more formal document, you might also consider submitting it as a Linux Answer since it contains useful pointers.
 
Old 11-27-2005, 03:05 PM   #17
michapma
Member
 
Registered: Oct 2003
Location: Zürich
Distribution: Debian
Posts: 537

Rep: Reputation: 39
Quote:
Originally posted by J.W.
how to use partitions with security in mind (ie, making /boot a separate partition)
I'd like to know more about this. I specifically asked about this before my current (temporary) installation, and all I gathered was that a separate /boot partition is really only helpful if you need to satisfy the cylinder limitations. Currently I have / on its own partition, but wasn't even sure how big to make it (it's 500MB). Didn't find anything by searching either, but I haven't read through the very long "Securing Debian" document.


I'd also like to learn more about creating a system maintenance account. It would be good to practice setting it up on this temporary account, so that I can implement it on my work machine (recently online!) and on my upcoming installation. I like the concept very much, but since I'm a beginner I struggle with configuration. I specifically haven't worked out how to assign sudo rights to various users for various programs. In fact, when I try to invoke something with sudo from my user account, I get:
<user> is not in the sudoers file. This incident will be reported.

I did "# adduser <user> sudo" but I reckon that wasn't enough.
 
Old 11-27-2005, 03:51 PM   #18
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642

Rep: Reputation: 87
Quote:
Originally posted by michapma
I'd like to know more about this.
The /boot directory contains the kernel, so by declaring /boot as a separate partition and mounting it read-only, it becomes more difficult for anyone/anything to try to modify it on the sly.

There's an informative article from SystemExperts entitled "Configuring Secure Linux Hosts" that provides more info.
 
Old 11-27-2005, 04:10 PM   #19
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290

Rep: Reputation: 378
Another helpful tip is to make /tmp its own partition and mount it noexec. Many exploits of vulnerable Web applications download stuff to /tmp and execute it. I've been burned by this on Web servers a couple of times now (unfortunately I don't always have the final say in what goes onto servers I set up), so I'm going to start doing this by default on Web servers now.
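
The read-only /boot and noexec /tmp suggestions from the two posts above can be checked mechanically. This is an added example, not code from any poster in the thread; the function names are illustrative and the mount table is a constructed sample in /proc/mounts format.

```shell
#!/bin/sh
# Audit mount hardening: is MOUNTPOINT a separate mount that carries OPTION?
# Input format (/proc/mounts): device mountpoint fstype options dump pass

# check_mount_opt FILE MOUNTPOINT OPTION
# prints: ok | missing-option | not-separate
check_mount_opt() {
    awk -v mp="$2" -v want="$3" '
        $2 == mp {
            found = 1
            hit = 0                  # a later mount on the same point wins
            n = split($4, opts, ",")
            # exact match per option, so "errors=remount-ro" is not read as "ro"
            for (i = 1; i <= n; i++) if (opts[i] == want) hit = 1
        }
        END {
            if (!found)   print "not-separate"
            else if (hit) print "ok"
            else          print "missing-option"
        }' "$1"
}

# Constructed sample, not taken from a real host.
sample_mounts() {
    cat <<'EOF'
/dev/sda2 / ext3 rw,errors=remount-ro 0 0
/dev/sda1 /boot ext3 ro,nosuid,nodev 0 0
/dev/sda3 /tmp ext3 rw,nosuid,nodev 0 0
EOF
}

# audit FILE: one line per (mount point, option) pair worth checking
audit() {
    for pair in /boot:ro /tmp:noexec /tmp:nosuid /var/tmp:noexec; do
        mp=${pair%%:*}; opt=${pair#*:}
        printf '%-9s %-7s %s\n' "$mp" "$opt" "$(check_mount_opt "$1" "$mp" "$opt")"
    done
}

# Runs against the sample; pass /proc/mounts to audit the live system.
tmpfile=$(mktemp)
sample_mounts > "$tmpfile"
audit "$tmpfile"
rm -f "$tmpfile"
```

A read-only /boot has to be remounted read-write (`mount -o remount,rw /boot`) before a kernel update and remounted read-only afterwards.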
 
Old 11-27-2005, 05:40 PM   #20
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610

Original Poster
Blog Entries: 4

Rep: Reputation: 3905
foo_bar_foo: Lawd knows that I do not dispute your arguments that having Windows as a "black box" is distinctly poorer than having full access to the source-code.

And, I do not dispute your assertion that many of even Microsoft's own programmers write sloppy code that demands a level of access that they do not deserve.

The way I see it, there are just some programs .. quite a few programs, in Windows-land .. that you simply cannot use for just that reason. If you decide that you, indeed, must use a particular program, say in order to get paid or something, then designate that program so that it will "run as" Administrator.

Sure, this is a pain in the .. no doubts about that. It's a crock of s**t, in fact, and inexcusable on the part of M$ to leave things this way for so long. But the practice of having to explicitly designate certain programs as Administrative is still much better than allowing every single program that you ever run to have carte blanche access to the system. We have all seen, and read thousands of stories about, what that leads to. This is a way to prevent it. Its use should be status-quo, but it isn't... yet.

Last edited by sundialsvcs; 11-27-2005 at 05:43 PM.
 
Old 11-27-2005, 05:53 PM   #21
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610

Original Poster
Blog Entries: 4

Rep: Reputation: 3905
As far as "a system maintenance account" goes... this is simply an "ordinary-Joe userid" that you put on when you are maintaining applications on the system, in other words, stuff that you might put in /usr/local. It's where you keep notes and records about what you've done.

The system maintenance account might have sudo privileges, or more extensive ones. It might belong to groups that other users do not belong to, and when installing new software you newgrp to that group, temporarily giving yourself access to those locations (such as, for example, /usr/local). You see, now these areas are protected in two ways:
  • You must explicitly log-on to the maintenance account.
  • While there, you must explicitly use newgrp.
And, "the core system files, kernel-image and so-on" are still read-only to you. By design, your role is expanded, but not unlimited.

It is exactly the same concept as "giving the accountant a private office." Even if there was only one person in your office, namely you, you might still "go into the accountant's office" to do accounting, then "lock the door behind you" when you're through, walking over to the next office to assume that role. It's simply using existing security-facilities in a (self-)disciplined way. Someone who breaks into your office won't find that now all of the doors are unlocked: he can only get to the hallway and the break-room.

Really, we are applying the same "common sense ideas" that we use every day in our homes and offices, to our computers. Even high-powered executives routinely do million-dollar work on personal computers with no thought given to very, very basic security. And automated scripts simply ferret them out. The scripts generally don't "try to break in" ... they look for sitting ducks, and find them by the thousands.

The concept of Access Control Lists (ACLs) is very useful for fine-grained control, but that's beginning to get esoteric. Let's just say that "very fancy control-mechanisms do exist." The main goal to accomplish first is .. simply .. self-disciplined use of the ordinary Linux features, to make one's system "a little less than trivial (actually, a whole lot less than trivial)" to break into.

Last edited by sundialsvcs; 11-27-2005 at 05:57 PM.
 
Old 11-30-2005, 11:25 AM   #22
michapma
Member
 
Registered: Oct 2003
Location: Zürich
Distribution: Debian
Posts: 537

Rep: Reputation: 39
Excellent thoughts, and those are the lines I understood it to be along, but just that much more specific. Now I just need to read up on how to use (configure, actually) sudo and groups. The sudo man page shows that the sudoers file uses its own kind of language; even if it's "easy" to learn, you still have to learn it.
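
The per-group, per-program sudo rights discussed in this thread, as an added example that is not from any poster: it writes a sudoers drop-in for a maintenance group and syntax-checks it before installation. The group name `maint`, the alias names and the command paths are assumptions.

```shell
#!/bin/sh
# Generate a sudoers drop-in for a maintenance group and syntax-check it
# before it is installed. Group name, aliases and command paths are assumptions.

# write_maint_sudoers FILE GROUP
# Broad form to avoid:  %GROUP ALL = (ALL) ALL   (every command, as any user)
write_maint_sudoers() {
    cat > "$1" <<EOF
# Constructed example: members of %$2 may run only the listed commands as root.
Cmnd_Alias MAINT_PKG = /usr/bin/apt-get update, /usr/bin/apt-get upgrade
Cmnd_Alias MAINT_SVC = /usr/sbin/service apache2 restart
%$2 ALL = (root) MAINT_PKG, MAINT_SVC
EOF
    chmod 0440 "$1"
}

# check_sudoers FILE -> prints valid | invalid | unchecked (visudo not found)
check_sudoers() {
    if ! command -v visudo >/dev/null 2>&1; then
        echo unchecked
    elif visudo -cf "$1" >/dev/null 2>&1; then
        echo valid
    else
        echo invalid
    fi
}

# allowed_commands FILE GROUP -> the command aliases granted to %GROUP
allowed_commands() {
    awk -v g="%$2" '$1 == g { sub(/^[^)]*\) */, ""); print }' "$1"
}

frag=$(mktemp)
write_maint_sudoers "$frag" maint
echo "syntax: $(check_sudoers "$frag")"
echo "maint may run: $(allowed_commands "$frag" maint)"
# Install only after a "valid" result, as root, on a system whose sudoers
# includes /etc/sudoers.d:
#   install -m 0440 -o root -g root "$frag" /etc/sudoers.d/maint
rm -f "$frag"
```

Adding a user to a group with adduser changes nothing until sudoers has a rule for that group, and the new membership is only picked up at the next login.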
 
  


All times are GMT -5. The time now is 02:40 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration