Linux is being deployed in an ever wider range of applications, and its security is drawing more and more attention. Security is a complex and broad subject; here we focus on Linux user account security, and in particular on how a Linux system administrator keeps user accounts secure.
Password Security
In Linux, the /etc/passwd file holds the information about each user that the whole system needs to know (the encrypted password itself may instead be stored in the /etc/shadow file). /etc/passwd contains the user's login name, encrypted password, user ID, group ID, comment field, home directory, and login shell. The user ID (UID) and group ID (GID) uniquely identify the user and the user's group, and Linux uses them to decide the user's access permissions.

A good password should contain at least six characters. It is best not to use personal information (such as a birthday, a name, or the login name spelled backwards); common English words are also poor choices, because a dictionary attack cracks them easily. A password should contain non-letter characters (digits, punctuation marks or control characters), should be easy to remember, and should never be written on paper or stored in a computer file. One good way to choose a password is to join two unrelated words with a digit or control character and truncate the result to eight characters; remembering eight random characters is better still. Do not use the same password on different machines, especially for accounts of different privilege levels, and do not store the password in a terminal function key or a modem dial string. Users should change their passwords regularly; once every three months is recommended, and the system administrator can force users to change passwords periodically. To prevent others from learning your password simply by watching, make sure no one is nearby when you type it.
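The following shell script is an added example, not code from the original article. It turns the password rules above into a check a candidate password can be run through (minimum length, not the login name or its reverse, contains a non-letter, not a common word), and adds the administrator-side check that goes with the /etc/passwd discussion: scanning passwd-format lines for accounts whose password field is empty. The word list and the passwd lines are constructed samples; a real dictionary check would use a full word list.

```sh
#!/bin/sh
# Added example, not part of the original article. Two checks that follow the
# password rules in the text, plus a scan of passwd-format lines for accounts
# with an empty password field. Word list and passwd lines are constructed.

# Tiny stand-in for a dictionary; a real check would use a full word list
COMMON_WORDS="password secret welcome letmein dragon monkey"

# reverse_str STRING -> STRING reversed (pure sh, no dependency on rev)
reverse_str() {
    s=$1; r=
    while [ -n "$s" ]; do
        r="${s%"${s#?}"}$r"   # prepend the first character of s
        s=${s#?}
    done
    printf '%s' "$r"
}

# password_ok CANDIDATE LOGIN -> exit 0 if the candidate satisfies the rules
password_ok() {
    pw=$1; login=$2
    [ "${#pw}" -ge 6 ] || return 1                       # at least six characters
    [ "$pw" != "$login" ] || return 1                     # not the login name
    [ "$pw" != "$(reverse_str "$login")" ] || return 1   # nor its reverse
    case $pw in
        *[!A-Za-z]*) ;;                                   # contains a non-letter
        *) return 1 ;;
    esac
    # letters only, lower-cased, compared against the common-word list
    word=$(printf '%s' "$pw" | tr -cd 'A-Za-z' | tr 'A-Z' 'a-z')
    case " $COMMON_WORDS " in
        *" $word "*) return 1 ;;
    esac
    return 0
}

# empty_password_accounts < passwd-lines -> login names whose password field is empty
empty_password_accounts() {
    awk -F: '$2 == "" { print $1 }'
}

# Constructed passwd-format sample ("x" means the hash lives in /etc/shadow)
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/sh
guest::1001:1001:Guest account:/home/guest:/bin/sh
alice:x:1002:1002:Alice:/home/alice:/bin/sh'

echo "accounts with an empty password field:"
printf '%s\n' "$SAMPLE_PASSWD" | empty_password_accounts
```

On a live system the same scan is `awk -F: '$2 == ""' /etc/passwd` and, as root, the same over /etc/shadow; an empty second field means the account can be entered without any password at all.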
File and Folder Security
umask sets the default permission mask applied to the files and directories a user creates. If this command is placed in the .profile file, it controls the access permissions of every file the user subsequently creates. umask is the complement of the chmod command: it tells the system which permission bits not to grant when a file is created.
1. Do not allow others to read or write your files or directories.
If you do not trust the other users on the system, set umask to 022. Make sure that your .profile cannot be read or written by others; do not keep important files in temporary directories; allow no one else to write in your home directory; files received through uucp should be encrypted and moved into your own directory as soon as possible.
2. If you do not want other users to read your files or directories, prevent them from being readable by anyone else.
Set umask to 006 or 007. If users in the same group should not be able to access your files and directories either, set umask to 077. Temporary files are created with the current umask, so programs that store important data in temporary files should be written so that those files cannot be read by other users. In the same way, other users are kept from reading your home directory.
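To make the effect of each recommended mask concrete, here is an added example (not code from the original article) that creates a file and a directory under each umask mentioned above inside a throwaway directory and reports the resulting permission bits. It assumes GNU stat (`stat -c`), with BSD stat as a fallback.

```sh
#!/bin/sh
# Added example, not part of the original article: shows the permission bits a
# new file (base mode 666) or directory (base mode 777) receives under each
# umask discussed in the text. Everything is created in a throwaway directory.

# mode_of PATH -> octal permission bits; GNU stat first, BSD stat as fallback
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# file_mode_with_umask MASK -> mode of an empty file created under MASK
file_mode_with_umask() {
    d=$(mktemp -d) || return 1
    (umask "$1" && : > "$d/f" && mode_of "$d/f")
    rc=$?
    rm -rf "$d"
    return $rc
}

# dir_mode_with_umask MASK -> mode of a directory created under MASK
dir_mode_with_umask() {
    d=$(mktemp -d) || return 1
    (umask "$1" && mkdir "$d/sub" && mode_of "$d/sub")
    rc=$?
    rm -rf "$d"
    return $rc
}

# Table for the masks the text recommends
for m in 022 006 007 077; do
    printf 'umask %s: file %s  directory %s\n' "$m" \
        "$(file_mode_with_umask "$m")" "$(dir_mode_with_umask "$m")"
done
```

The umask is set inside a subshell so the caller's own mask is left unchanged; 022 removes only the write bits for group and others, 007 and 077 remove every bit for others and, with 077, for the group as well.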
Security of Copying and Moving Files
When the cp command copies a file and the target file does not yet exist, the access permissions of the source file are copied along with it, including the SUID and SGID bits, and the new copy is owned by the user who ran cp. Therefore be careful when copying other users' files, so that you are not harmed by another user's SUID program.
When the mv command moves a file, the new file keeps the access permissions of the original; mv only changes the name. A user with write and search permission on a directory can move someone else's SUID program out of that directory without changing its permissions. If directory permissions are set incorrectly, your SUID program may be moved to a directory where you cannot modify or delete it, which creates a security hole.
The cpio command copies a directory structure into an ordinary file, and the same command converts that file back into a directory structure. Use it with care, because it can overwrite files outside the current directory structure; use the -t option first to list the files that would be copied.
Do Not Leave the Login Terminal
This seems trivial, but it is the most easily overlooked point. Even a few minutes of carelessness can harm the system.
Security of File Encryption
The crypt command is provided so that users can encrypt files. It uses a key to encode the standard input into an unreadable scrambled string and writes it to standard output. Running the command again with the same key on the encrypted file restores the original content.
In general, delete the original file after encrypting it, keep only the encrypted version, and do not forget the key. vi usually has encryption support: vi -x edits an encrypted file. Keys are chosen by the same rules as passwords.
The crypt program may be replaced by a Trojan horse, so a login password must never be used as an encryption key. It is best to compress the file with pack or compress before encrypting it.
cu Problems
The cu command lets you log in from one Linux system to another. In that session, typing "~" at the remote system and pressing Enter disconnects cu from the remote system.
cu also has security issues. If the local machine is less secure than the remote one, it is not recommended to use cu to log in to the remote machine, so that the weak security of the local machine does not compromise the secure remote one. Because old versions of cu handle "~" imperfectly, a user on a weakly secured system who calls a strongly secured system could use cu, under the identity of the strong system's user, to transfer the /etc/passwd file of the strong system.
Security of Temporary Files and Directories
In Linux the temporary directories are /tmp and /usr/tmp. If temporary files are kept in these directories, other users may destroy them. It is best to set the file mask to 007 when creating a temporary file. The safe approach is to create your own temporary directory and files, for example $HOME/tmp, and never to store important files in the public temporary directories.
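The following is an added example, not code from the original article. It sets up the private temporary area the text recommends (a 0700 directory under $HOME with a fresh working directory inside it) and adds one check that goes beyond the text: whether a shared temporary directory such as /tmp carries the sticky bit (mode 1777), without which any user could delete or rename other users' files there. It assumes GNU stat and a mktemp that accepts a template; the demonstration uses a constructed base directory so the caller's real $HOME is untouched.

```sh
#!/bin/sh
# Added example, not part of the original article. Creates a private temporary
# area under a base directory (the text suggests $HOME/tmp) and checks that a
# shared temp directory has the sticky bit. Uses GNU stat -c.

# mode_of PATH -> octal permission bits (including setuid/setgid/sticky digit)
mode_of() { stat -c '%a' "$1"; }

# private_tmpdir [BASE] -> makes BASE (default $HOME/tmp) a 0700 directory and
# creates a fresh, unpredictable work directory inside it; prints that path
private_tmpdir() {
    base=${1:-$HOME/tmp}
    mkdir -p "$base" && chmod 700 "$base" || return 1
    (umask 077 && mktemp -d "$base/work.XXXXXX")
}

# shared_tmpdir_ok DIR -> 0 if DIR is world-writable with the sticky bit set (1777),
# so that only a file's owner (or root) can remove or rename files inside it
shared_tmpdir_ok() {
    [ -d "$1" ] && [ "$(mode_of "$1")" = 1777 ]
}

# Demonstration with a constructed base so the caller's $HOME is left alone
demo_base=$(mktemp -d)
work=$(private_tmpdir "$demo_base")
printf 'private base mode %s, work dir mode %s\n' "$(mode_of "$demo_base")" "$(mode_of "$work")"
if shared_tmpdir_ok /tmp; then echo "/tmp has the sticky bit"; else echo "/tmp lacks the sticky bit"; fi
rm -rf "$demo_base"
```

Pointing TMPDIR at the work directory returned by private_tmpdir makes programs that honour that variable create their temporary files there instead of in the public directories.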
uucp File Transfer and Network Security
The uucp command transfers files from one Linux system to another. Files sent through uucp are normally stored in /usr/spool/uucppublic/login, where login is the user's login name; this directory has access permission 777. Files received over the network and stored there are owned by uucp and have access permissions 666 or 777. Users should encrypt files sent through uucp and move them into their own directories as soon as possible. Other networks deliver files into the rjc directory under the user's home directory. This directory must be writable and searchable by others, but not necessarily readable; the access permission on a user's rjc directory should therefore be 733, which lets programs create files in it. As with uucp, received files should be encrypted and moved into the user's own directory as soon as possible.
Security of SUID/SGID
Try not to write SUID/SGID programs. ln creates a link to an existing file, that is, a new name that refers to the same file. If the target name already exists, the file is deleted and replaced with the new link; if the existing target cannot be written by the user, the user is asked to confirm the deletion. Only hard links within the same file system are allowed. Before deleting a SUID file, check its link count; only when it has a single link does removing the name delete the file. If the SUID file already has several links, one remedy is to change its access permissions, which changes them for all links at once: chmod 000 filename not only removes the SUID and SGID bits but also disables every link to the file. To find out who has linked to your SUID program, do not delete the program right away; the system administrator can use the ncheck command to find the other links.
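The following is an added example, not code from the original article, covering both the SUID discussion above and the earlier note on cp and mv preserving SUID bits. It builds a constructed SUID program with a second hard link in a throwaway directory and walks through the checks described: listing SUID/SGID files with their link counts (the role ncheck plays in the text, done here with find and stat), seeing that removing one name leaves the other name still set-UID, and seeing that chmod 000 disables every name at once because they share one inode. It assumes GNU stat and a POSIX find.

```sh
#!/bin/sh
# Added example, not part of the original article. Constructed SUID file with
# two hard links; demonstrates link counting, the effect of rm on one name,
# and chmod 000 taking effect on every name. Assumes GNU stat -c.

# list_suid_sgid DIR -> "links mode path" for each SUID or SGID regular file under DIR
list_suid_sgid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -exec stat -c '%h %a %n' {} \;
}

# link_count FILE -> number of hard links (names) the file has
link_count() { stat -c '%h' "$1"; }

# mode_of FILE -> octal permission bits, including the SUID/SGID digit
mode_of() { stat -c '%a' "$1"; }

# neutralize_suid FILE -> clear every permission bit; applies to all links at once
neutralize_suid() { chmod 000 "$1"; }

# make_suid_sample -> creates a 4755 file "prog" plus hard link "prog-alias"; prints the dir
make_suid_sample() {
    d=$(mktemp -d) || return 1
    : > "$d/prog"
    chmod 4755 "$d/prog"
    ln "$d/prog" "$d/prog-alias"
    printf '%s\n' "$d"
}

# Walk through the scenario
sample=$(make_suid_sample)
echo "SUID/SGID files and their link counts:"
list_suid_sgid "$sample"
rm "$sample/prog"                       # removes one name only; the inode survives
echo "after rm prog: prog-alias has $(link_count "$sample/prog-alias") link, mode $(mode_of "$sample/prog-alias")"
neutralize_suid "$sample/prog-alias"
echo "after chmod 000: mode $(mode_of "$sample/prog-alias")"
rm -rf "$sample"
```

Run over a real tree, list_suid_sgid is the periodic audit: any SUID/SGID file whose link count is greater than one deserves a look, since a second name in a directory you do not control keeps the program reachable after you delete your own copy.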
Security of Smart Terminals
Smart terminals support a "send enter" escape sequence that makes the terminal transmit text to the system as if the user had typed it. This is a dangerous capability, because other people can use the write command to send such sequences to your terminal. To stop other users from sending you messages, use the mesg n command; mesg n refuses messages from other users, and mesg y allows them. Even so, the escape-sequence problem remains, because any user can send the same escape sequences with the mail command, so a different countermeasure is needed: a sequence of this kind could, for example, make the terminal issue rm -r * on your behalf.
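The defensive counterpart to the escape-sequence problem is to never let untrusted text reach the terminal raw. The following is an added example, not code from the original article: a filter that strips CSI and OSC escape sequences, two-character escapes, and all other control characters except tab and newline from its input, so that a message body can be displayed without the terminal interpreting anything in it. It uses POSIX sed and tr with the escape bytes generated by printf, and the inputs are constructed samples.

```sh
#!/bin/sh
# Added example, not part of the original article. Sanitizes text before it is
# written to a terminal so that embedded escape sequences cannot drive it.

# sanitize_for_terminal < text -> text with escape sequences and control
# characters removed (tab and newline are kept)
sanitize_for_terminal() {
    esc=$(printf '\033')
    bel=$(printf '\007')
    sed -e "s/${esc}\][^${bel}]*${bel}//g" \
        -e "s/${esc}\[[0-9;?]*[@-~]//g" \
        -e "s/${esc}[^[]//g" \
    | tr -d '\000-\010\013-\037\177'
}
# The three sed expressions remove, in order:
#   ESC ] ... BEL        operating-system commands (window title, etc.)
#   ESC [ params letter  control-sequence-introducer sequences (cursor, colours, keys)
#   ESC x                two-character escapes
# tr then drops every remaining control byte except tab and newline.

# refuse_terminal_messages -> the text's recommendation; not called here
# because it requires a controlling terminal
refuse_terminal_messages() { mesg n; }

# Constructed message containing colour codes, a title change and a bell
SAMPLE_MESSAGE=$(printf 'meeting at 3\033[31m!\033[0m \033]0;owned\007see you\007')
echo "raw length $(printf '%s' "$SAMPLE_MESSAGE" | wc -c), sanitized:"
printf '%s\n' "$SAMPLE_MESSAGE" | sanitize_for_terminal
```

Piping mail or write output through sanitize_for_terminal before it is shown is the sort of countermeasure the text calls for: the user still receives the message, but the terminal only ever sees printable text.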
Other Security Issues
Do not run other users' programs unless you trust them. In your own PATH, put the system directories first. After logging out with Ctrl-D or exit, wait until you see the login: prompt before leaving the terminal, and if necessary log out again, so that nobody can get in on a session that was not properly closed. Regularly run ls -a to list all files in the current directory, including those whose names begin with ".", and check the access permissions and owner of every file. Any file that does not belong to you should be regarded with suspicion and investigated.
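Two of the habits above can be turned into routine checks. The following is an added example, not code from the original article: it validates a PATH value (no empty or relative entries such as ".", which would run a program from the current directory, and system directories before personal ones), and it lists files under a directory, dotfiles included, that are not owned by the caller, which is the automated form of the ls -a review. The set of system directories treated as acceptable first entries is an assumption, and the demonstration directory is constructed.

```sh
#!/bin/sh
# Added example, not part of the original article. PATH hygiene checks and a
# scan for files in a directory that belong to someone else.

# path_is_safe PATHSTR -> 0 if every entry is absolute and none is empty, "." or ".."
path_is_safe() {
    p=$1
    case ":$p:" in
        *::*|*:.:*|*:..:*) return 1 ;;     # empty entry or current/parent dir
    esac
    old_ifs=$IFS; IFS=:
    for entry in $p; do
        case $entry in
            /*) ;;                          # absolute: fine
            *) IFS=$old_ifs; return 1 ;;    # relative entry: rejected
        esac
    done
    IFS=$old_ifs
    return 0
}

# system_dirs_first PATHSTR -> 0 if the first entry is a standard system directory
# (the accepted list is an assumption for this example)
system_dirs_first() {
    case $1 in
        /bin:*|/usr/bin:*|/sbin:*|/usr/sbin:*|/usr/local/bin:*) return 0 ;;
        *) return 1 ;;
    esac
}

# foreign_files DIR -> paths under DIR (dotfiles included) not owned by the caller
foreign_files() {
    find "$1" ! -user "$(id -un)" 2>/dev/null
}

# Check the caller's own PATH
if path_is_safe "$PATH" && system_dirs_first "$PATH"; then
    echo "PATH looks sane: $PATH"
else
    echo "PATH needs attention: $PATH"
fi

# Constructed directory: everything in it is ours, so nothing should be reported
demo=$(mktemp -d)
: > "$demo/.hidden"
echo "files not owned by $(id -un) under $demo:"
foreign_files "$demo"
rm -rf "$demo"
```

Running foreign_files "$HOME" is the scripted version of the advice to inspect the owner of every file in your directory; on a correctly administered account it prints nothing.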
These are some suggestions for maintaining user account security as a Linux system administrator. More important still is to build security awareness and to know the users. The better system administrators know their users and the users' working habits, the faster they notice unusual events, and unusual events mean security problems. The most basic way to avoid user account security incidents is prevention together with regular security checks, including the use of a sniffer.