I've only been working with Red Hat for a few days, and have had a brief exposure to UNIX some years ago. I was intrugued by Linux, so I obtained Red Hat WS over the weekend. Of course, my head is full of Micrisoft OS knowledge, which I have been working with for quite some time.

My first question is thus:

How can I give a user who is not root full administrative rights? I have noted that each file or folder created has its own set of permissions you can change to allow other users to read/write/execute. What happens if you place a user into the "root" group, for instance?

Thanks!

that's a really not nice first question, it will amke people think that for unknown reasons you want your normal use to have root. this is, of course, A REALLY BAD IDEA AND SHOULD BE AVOIDED.

generally speaking though, the admin group is called "wheel" if it's not "root". adding a user to that group will give them the same rights.

Hi, and welcome to LQ!

You definitely DON'T want to do that. Not only because
it's too easy to render your system unusable by accident
but also because if you run everything as a user with
root privileges you'd open the doors wide for exploits
or trojans. Please search the forum for more in-depth
discussions of this topic, it has been asked (and
answered) quite a few times...

Depends on what the permissions actually are ...
If a file, for example, were owned by root:root,
and the permissions are
rwsr-xr-- a user in group root could actually run it.


Cheers,
Tink


P.S.:
/me high-fives Chris:"You soundly beat me to this one!" ;)

Thanks to you both for your quick responses. I understand the dangers of giving users full control, as I do Windows admin as well. This is on a home PC, so I would be the only user with that kind of control. As for the security risks, your comments are noted.

Thanks

Well, as soon as there's an internet connection involved
there's no such thing as a HomePC anymore. Always bear
in mind that, even though Linux programs are usually more
robust in this respect than Windows will ever be, there MAY
be an exploit that hasn't been fixed yet, and you may be
running a vulnerable piece of code. You want to minimize
the risks, not only because you may have stored sensitive
data (like banking or credit card details), but also because
you don't want your machine to be the leap-stone for a
bad hacker, or for it to be used in a DDoS attack ...


Cheers,
Tink

Tink:

Are there some intial steps I should take to lock my system down, and/or make it less vulnerable?

Thanks

Check out the links-section and the sticky
threads at the top of the security-forum


;)

Cheers,
Tink

Thanks again. There is a wealth of material here. I think once I start to understand how the OS is handling its processes, the security vulnerabilities will become clearer. I notice that when I do a netstat command in the shell, that I see not only my connections with other machines, but also OS activity. I am behind a NAT (router), so at least I have one layer of extra security. There is also a built-in firewall in this version of Linux, which can block certain protocols. Firestarter (firewall) appears to be a good first solution for me. With the amount of control available with Linux, however, I can't help thinking that I could probably accomplish most of its functions myself.

You've been a great help so far.

Thanks,
0perat0r