unix security program
Dermot Tynan
dtynan at zorba.Tynan.COM
Tue Mar 21 08:24:20 AEST 1989
In article <10322 at mcdchg.UUCP> mouse at Larry.McRCIM.McGill.EDU (der Mouse) writes:
>In article <10102 at mcdchg.UUCP>, jona at moss.ATT.COM (Jon M. Allingham) writes:
>> In article <7971 at mcdchg.UUCP> usenet at mcdchg.UUCP writes:
>>> The permissions check program requires you to set up a list of
>>> permissions, the ones given are not the most secure, for example:
>>> /bin 555 dr-xr-xr-x
>>> If you want security why let users cd to or ls /bin, better to set
>>> the permissions :
>>> /bin 111 d--x--x--x
Without read permission find wouldn't work. Not to mention
some shell utilities which would enable you to type the first few characters
of a commend and then complete the commend for you.
>If you want security you don't want UNIX. If you must have UNIX and
>you want to come as close as you can, there are many other things to
>mess with before worrying about users being able to cd to /bin. Tell
>me, what are you afraid they'll do once they're there?
In the most secure system, information about the existance
of certain files is available to the users on a need to know basis.
When one succeeds in breaking into an UNIX system, the knowledge of
where about of system filex can only help.
More information about the Comp.unix
mailing list