Article Title: Use sudo to reinforce Linux system security
System reinforcement is the process of improving system security through manual configuration and supporting software. This article describes how to use the open-source tool sudo to control and audit root privileges in order to reinforce Linux system security.
I. sudo Functions
Sudo is an open-source security tool that is most commonly used to control and audit root privileges. Its guiding principle is to "grant people as few privileges as possible while still letting them do their normal work". It lets the system administrator allow specified users or user groups to run certain commands as root or as another user, and it records in detail the commands and parameters those users enter. The software can be downloaded for free at www.gratisoft.us/sudo/download.html.
Sudo is a security tool that works on the command line and executes one command per invocation. It supports the following functions:
◆ Command log: records commands and their parameters. This makes it possible to trace what users have run, which is especially useful for system auditing. Because sudo records every command run as root (or as another specified user), many administrators use it in place of a root shell so that their own commands are recorded as well. This improves system security and also helps with troubleshooting.
◆ Centralized logging for multiple systems: when sudo logging is combined with the system log daemon syslog, all logs can be stored on one host.
◆ Command restrictions: limits the commands that a user or user group may run.
◆ Ticket system: when a user authenticates to sudo, a ticket is created that is valid only for a limited time. Each new command resets the ticket's timer. The default time is five minutes. In practice this function is very useful: even if a user working as root forgets to log out before walking away, other people who can reach the keyboard cannot use those privileges, because once the ticket expires the user must authenticate again. We therefore recommend keeping the validity period short, for example the default of five minutes. The ticket system can also be used to clear users' ticket files.
◆ Centralized management of multiple systems: sudo's configuration is normally written in the /etc/sudoers file, and the same file can be used on multiple systems, so those systems can be managed centrally from one host.
Sudo supports almost all UNIX operating system versions, but if you want to install it from source code, you need a C compiler and the make tool.
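The functions listed above map onto a handful of sudoers settings. The fragment below is an added example, not configuration from the original article; the host names, user names, command paths and log host are hypothetical and must be adapted to the local system.

```sudoers
# Fragment for /etc/sudoers (added example). Always edit with visudo,
# which checks the syntax before the file is saved.
# All host, user and command names below are hypothetical.

# Centralized management: the same file is distributed to every host,
# and Host_Alias decides which rules apply where.
Host_Alias  WEBSERVERS = web1, web2
User_Alias  WEBADMINS  = alice, bob

# Command restrictions: list full paths (and arguments) explicitly.
Cmnd_Alias  WEB_CMDS = /usr/sbin/apachectl configtest, \
                       /usr/sbin/apachectl graceful

# Command log: every invocation goes to syslog under the authpriv facility.
# A syslog.conf line such as "authpriv.*  @loghost" (hypothetical host)
# then forwards the records to one central machine.
Defaults    syslog=authpriv
# Optional local log file; log_host and log_year add the host name and
# the year to each entry, which helps when logs from many hosts are merged.
Defaults    logfile=/var/log/sudo.log, log_host, log_year

# Ticket system: the ticket expires 5 minutes after the last sudo command.
# 0 asks for the password every time. "sudo -k" invalidates the caller's
# ticket and "sudo -K" removes it.
Defaults    timestamp_timeout=5

# Broad grant to avoid:  WEBADMINS ALL = (ALL) ALL
# Restricted grant: these users, on these hosts, as root, these commands only.
WEBADMINS   WEBSERVERS = (root) WEB_CMDS
```

Running `sudo -l` as one of the listed users shows the commands the rule actually grants on the current host.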