Using access controls to protect your system
Apply good access controls to all files on your system.
- Never allow world-writable files and directories (except for certain
necessary directories like /tmp and /var/tmp)
- Avoid unnecessary group-writable files and directories.
- Make all system software and configuration files owned by a
standard user and group (such as root).
- Make world-writable temporary directories for users "sticky" (mode 1777).
- Whenever possible use private temporary directories for root-run
jobs (to avoid "/tmp races", where a user tries to beat the root job
to creating a predictable temporary filename, which can be used to
overwrite other system files).
Poor access control can have surprising consequences.
- Readable (or worse, writable) /dev/mem, /dev/kmem, or disk
device files can allow bypassing other security protections.
- Writable system files and directories can allow damaging or
replacing critical system software.
- Be thorough about thinking through implications; side effects
can be very subtle.
The "umask" can prevent bad default permissions; umask
022 will prevent creation of world-writable files, and
umask 077 will create files accessible only to the owner.
Discourage users from creating their own world-writable files and
directories, to prevent possible exploitation of their
accounts.
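The checks in the list above and the umask and temporary-directory points can be turned into a small audit script. This is an added example, not code from the original page; it assumes GNU find, stat and mktemp (Linux), and the helper names are my own.

```shell
#!/bin/sh
# Added example: audit a directory tree for the access-control problems
# described on this page and demonstrate umask and private temp directories.

# Print every path under $1 that is world-writable, except directories that
# also carry the sticky bit (mode 1777, such as /tmp), which the page allows.
find_world_writable() {
    find "$1" -perm -0002 ! \( -type d -perm -1000 \) 2>/dev/null
}

# Print group-writable regular files under $1 (the "avoid" category).
find_group_writable() {
    find "$1" -type f -perm -0020 2>/dev/null
}

# Create an empty file at $2 under umask $1 (in a subshell, so the caller's
# umask is untouched) and print the resulting octal mode, e.g. 644 or 600.
mode_under_umask() {
    ( umask "$1"; : > "$2" )
    stat -c %a "$2"        # GNU stat; assumption for this example
}

# Create a private temporary directory for a root-run job instead of a
# predictable /tmp name: mktemp -d creates it with mode 0700, so another
# user cannot pre-create or race the path (the "/tmp race" above).
private_tmpdir() {
    mktemp -d "${TMPDIR:-/tmp}/job.XXXXXX"
}

# Stand-alone usage: audit / (or the directory given as $1).
if [ "${1:-}" != "" ] || [ "$(basename "$0")" = "audit.sh" ]; then
    echo "== world-writable (non-sticky) =="; find_world_writable "${1:-/}"
    echo "== group-writable files =="; find_group_writable "${1:-/}"
fi
```

Run it as `sh audit.sh /usr` to list offending paths; the `mode_under_umask` helper makes the 022 versus 077 difference visible on a scratch file.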
Use packet filtering or TCP wrappers to limit access to network
services to only those hosts that need to access them. Services
like RPC, file sharing, or printing usually don't need to be
accessible to the entire world.
Steve VanDevender
Last modified: Wed Jul 7 14:50:09 PDT 2004