Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I'm not quite sure what you mean, but if you mean what I think, then no.
It'd still be connected to the internet, and it'd still be accepting connections on whatever it'd be accepting connections on [ssh ftp etc].
Although, on the topic of security ideas...
Would it help at all to have an account specially made for shutting down/rebooting? Say I'm offering ssh accounts on my computer, I don't want people logging in and shutting it down, but I want people who live here to be able to shut down or reboot if they need to, and I can (generally) trust people who I grant physical access. I can let them use that account instead of letting all users shut down, and they don't need the root password. I assume there are other ways of doing this, using sudo and groups, but what does everybody else think?
Originally posted by slackwarefan:
I'm not quite sure what you mean, but if you mean what I think, then no.
It'd still be connected to the internet, and it'd still be accepting connections on whatever it'd be accepting connections on [ssh ftp etc].
Although, on the topic of security ideas...
Would it help at all to have an account specially made for shutting down/rebooting? Say I'm offering ssh accounts on my computer, I don't want people logging in and shutting it down, but I want people who live here to be able to shut down or reboot if they need to, and I can (generally) trust people who I grant physical access. I can let them use that account instead of letting all users shut down, and they don't need the root password. I assume there are other ways of doing this, using sudo and groups, but what does everybody else think?
You could create a group which has the power to shut down the system (say a trusted group or shutdown group) which you add all the trusted users to and they have shut down access.
If I have a special account to go online, then when online if someone connects to my system, they will not have access to the root, as well as my main user account. Also, once files are downloaded, I can transfer them once offline from one account to the next.
Technically that would reduce the likelihood of your normal user's filesystem getting damaged or compromised and any malicious code that allowed user level access wouldn't have perms to touch the other users' files. Unfortunately it would still allow access to the system and a privilege escalation attack (local root compromise) would still be possible. Once root is gained, then you're screwed regardless.
However if you stripped that user of basically any privilege, it might help. Though you'd still need a filesystem for that user to put things like cookies and a history. Where this might have the greatest effect is on a system using SELinux (or other RBACs). With SELinux you can more finely control what a given user is allowed to access. So you could configure that user to only be able to access mozilla and its components and to only have write access to the user dir. In that case, it might have a little more bang-for-your-buck security wise, but I think overall the added inconvenience of having to switch users in order to surf the web and then transfer any downloaded files outweighs the minimal increase in security, though again technically it still would help.
Last edited by Capt_Caveman; 01-16-2005 at 01:23 AM.
What about people with T1, cable, or DSL who don't dial and are on all the time? I don't want to shut down the network connection when logged on as my main user.
To be honest, I would just say secure your box. If your system has been properly secured and hardened, then likely you won't have anything to worry about.
Just a heads up for the "shutdown" users above in this thread. What I would do is set up the shutdown command to only be issued by root. Then I would group all the "local accounts" in one group (i.e. all the accounts that you wish people to have access to the shutdown command).
Then a quick issue of the visudo to edit the /etc/sudoers file to read as this:
Code:
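# "%" marks a group name; sudoers needs the command's full path (check with `which shutdown`)
%<groupname> <serversname> = (root) /sbin/shutdown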
That should do it. Now when a "local user" wishes to shutdown the box they issue:
Code:
sudo shutdown <options>
This will only allow the users you specify to shutdown the box.
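The group-based rule described in the post above, as an added example that is not part of the original post: a generator for a sudoers fragment that also pins the allowed arguments (a bare command path in sudoers permits any arguments) and a syntax check to run before installing it. The group name `powerusers`, the alias name `POWER` and the `/sbin/shutdown` default path are assumptions.

```shell
#!/bin/sh
# Added example. Group "powerusers", alias POWER and the default
# /sbin/shutdown path are assumptions, not values from the thread.

# Print a sudoers fragment that lets members of group $1 on host $2 run
# only "shutdown -h now" and "shutdown -r now" as root.
# $3 optionally overrides the path to the shutdown binary.
make_shutdown_rule() {
    group=$1 host=$2 bin=${3:-/sbin/shutdown}
    case $bin in
        /*) ;;  # sudoers matches commands by absolute path
        *) echo "command path must be absolute: $bin" >&2; return 1 ;;
    esac
    # Listing the arguments limits the grant to exactly these invocations.
    printf 'Cmnd_Alias POWER = %s -h now, %s -r now\n' "$bin" "$bin"
    # The leading % tells sudo that the name is a group, not a user.
    printf '%%%s %s = (root) POWER\n' "$group" "$host"
}

# Syntax-check a fragment before it goes anywhere near /etc/sudoers.
# Returns 0 if valid, 1 if visudo rejects it, 2 if it could not be checked.
check_fragment() {
    command -v visudo >/dev/null 2>&1 || { echo "visudo not found" >&2; return 2; }
    visudo -cf "$1" >/dev/null 2>&1
}

# Demo: build the fragment in a temp file, check it, show it.
tmp=$(mktemp) && make_shutdown_rule powerusers ALL >"$tmp" && check_fragment "$tmp"
echo "check status: $?"
cat "$tmp"
rm -f "$tmp"
```

With this fragment a group member runs `sudo /sbin/shutdown -h now` or `sudo /sbin/shutdown -r now`; any other argument list is refused by sudo.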
Originally posted by rvijay:
How about creating a separate account on Linux for just going Online ? Will this help anyway with security ?
yes, it would help, but it would be very inconvenient... of course if you don't care about the inconvenience then go for it... with everything properly set, even if you'd execute something "evil" the damage would be limited to that "online" account... whereas if you would have executed that "evil" script on your regular account your personal data would have been at risk... so yeah, what you want to do is pretty weird, but technically speaking, yes, it does help...
of course if the evil script you execute takes advantage of a (privilege escalation) exploit then it doesn't matter what account you are using to execute it... in other words, even with your weird method, you still need to keep everything nice and patched...