Talk:Securing servers
(Security in a local user context section needs:) |
|||
| Line 7: | Line 7: | ||
-d. | -d. | ||
| + | |||
| + | == Security in a local user context section needs: == | ||
| + | |||
| + | things needed here:(cover common gotchas and SNAFUs concerning local security; ie preventing valid shell users from obtaining privileges they aren't supposed to have or doing damage they shouldn't be able to do. sudo is clearly a must with this one, as is some discussion of running daemons under special user accounts, and the dangers of overusing "nobody" to run daemons. a quick rundown of system files that permissions should be double-checked on, like /etc/passwd, /etc/master.passwd, /etc/group, and the databases associated with them should also be covered.) | ||
Revision as of 08:53, 30 September 2004
this needs more on:
keeping your machine updated -- general, OS and programs (firewalls, ssh security gotchas, choosing secure daemons, staying up to date with patches, etc.) keeping your machine updated -- security patches
-d.
Security in a local user context section needs:
things needed here:(cover common gotchas and SNAFUs concerning local security; ie preventing valid shell users from obtaining privileges they aren't supposed to have or doing damage they shouldn't be able to do. sudo is clearly a must with this one, as is some discussion of running daemons under special user accounts, and the dangers of overusing "nobody" to run daemons. a quick rundown of system files that permissions should be double-checked on, like /etc/passwd, /etc/master.passwd, /etc/group, and the databases associated with them should also be covered.)
