[790] in linux-security and linux-alert archive
Re: [linux-security] standard users,groups,perms?
daemon@ATHENA.MIT.EDU (Sanjay Kapur)
Wed Jun 12 18:59:45 1996
Date: Tue, 11 Jun 1996 23:44:28 -0400 (EDT)
From: Sanjay Kapur <root@kbs.net>
Reply-To: Sanjay Kapur <root@kbs.net>
To: Rogier Wolff <R.E.Wolff@et.tudelft.nl>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199606111611.SAA00683@cave.et.tudelft.nl>
On Tue, 11 Jun 1996, Rogier Wolff wrote:
> To do this, every uid should get
> a bitvector of privileges. Every "suser()" call in the
> kernel should get mapped to one of the bits. The default
> setup sets all of these bits to "enabled" for "root" and
> "disabled" for all other users.
>
> A secure setup would deminish the vector for "root"(?) and increase
> it for other users. (e.g. the "bind to low ports" bit and the
> "change uid to normal uids" bit should be on for "sendmail"
> running as user "mailerdeamon") The login program only needs
> change_uid (even to root? Maybe not. Abolish root logins!)
[Mod: Quoting trimmed. --Jeff]
VMS, Secure VMS etc. have this and it is very well documented. Another
thing that higher level security requires is Access Control Lists (ACLs)
rather than the very simplistic user/group/world security model of Unix.
Security is not a question of technology or using a string "root" to log
on but a frame of mind and a set of procedures. Large systems security
policies, although nice just do not apply to single user systems. If it
did, Bill Gates would not be worth $17 billion selling over 60
million copies of Windows and MSDOS every year.
Sanjay Kapur