Content deleted Content added
→General: Improve link text Tags: Mobile edit Mobile web edit |
m Bot: link syntax and minor changes |
||
Line 18:
===User groups===
Users under Unix style operating systems often belong to managed groups with specific access permissions. This enables users to be grouped by the level of access they have to this system. Many Unix implementations add an additional layer of security by requiring that a user be a member of the ''[[Wheel (computing)|wheel]]''
===Root access===
Line 38:
xfze:$$1zuW2nX3sslp3qJm9MYDdglEApAc36r/:1000:100:Daniel Ernesto Ortiz Costa:/home/xfze:/bin/bash
Since all users must have read access to the <code>/etc/passwd</code> file to do many common tasks (<code>ls -l /home</code> will use <code>/etc/passwd</code> to map UIDs to login names for example), anyone could also read the password hashes of other users. To solve this problem, the
The <code>/etc/shadow</code> file often only contains values for the first two fields:
Line 195:
Attacks:
*[[Man in the middle attack]]
*[[LAND]], [[ping of death]], [[
*Software tools based password/passphrase/key stealing attacks on the system. Such as strace/truss/tusc/dtrace/SystemTap based ones.
Line 219:
* [http://www.dsm.fordham.edu/~moniot/Classes/InternetWebF00/unix-security/unix-security.html ''The Unix Security Model for web server administration''] {{Dead link|date=July 2020}} Robert K. Moniot 2000
* [https://web.archive.org/web/19971211054350/http://www.alw.nih.gov/Security/Docs/network-security.html ''An Architectural Overview of UNIX Network Security''] Robert B. Reinhardt 1993
* [https://web.archive.org/web/20010815023702/http://andercheran.aiind.upv.es/toni/unix/index_en.html Unix security papers]
[[Category:Operating system security]]
| |||