General TC > General TC Talk

sudo'd out

<< < (3/6) > >>

softwaregurl:
paraphrasing something I [was] (edit: saw [dyslexia]) on the DSL jokes, "Linux is a simple operating system, but it takes a genius to understand its simplicity".  Thanks Mikshaw and TheHatsRule, I put things in terms that I understand which are usually not the write word.  And, besides almost a decade writing stuff for web servers, I downloaded my first copy of Linux Dec 2007. I still have much to learn.  What I'm catching is that the biggest security feature of Linux is ownership and permissions.  A malicious program (or inept or malicious user) can't effect much more then it's self.

P.S.  I reformatted the last Windows drive on the last computer that was still multi booting Windows day before yesterday  :) :) :).  Guess if something isn't used for four months it can go bye bye.

mikshaw:

--- Quote from: softwaregurl ---What I'm catching is that the biggest security feature of Linux is ownership and permissions.
--- End quote ---
If your talking about the basic home user, I'd agree (that's not saying it's fact, just my opinion).  If you're talking about vital systems like those run by governments, businesses, etc., I think there are other parts of security that are just as important, such as firewalls and keeping software patched with the latest security fixes.  In those systems, though, I would say the use of sudo is a bad idea anyway....in that case root power should be given only to trusted administrators.

jpeters:
I found a fast way check for files that are able to be written to by anyone (i.e., without 'sudo'), using the 'find' command. So for files in hda3: 


--- Code: ---find  /mnt/hda3 -perm -222
--- End code ---

For more (or less) security, I could then use chmod.  .


jpeters:
It pays to understand permissions.  For example, I tried saving a file opened with OO, and didn't have permission, so I changed the /folder to 666 (read write). Guess what happened when I tried to CD to the folder?   :D

Edit; to really freak out, try to ls to the files.....it looks like they've all been deleted.

mikshaw:
I think it really helps to use a file manager which has the ability to display  the file permissions at all times.  A quick glance will let you know what needs to be done if you have a permissions-related problem.  Personally, mc with mode:3 (or 4,5,6,or 7) as part of the file listing mode is great.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version