[lug] permissions
Franklin Bowen
Franklin at Bowen.net
Thu Aug 15 16:44:32 MDT 2002
I did something similar when I was new to Unix and had to reinstall the
machine because all the suid bits on binaries were removed. :-(
It did teach me a lot though including to use the ugo+-rwx notation on chmod!
At 04:29 PM 8/15/2002 -0600, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>I don't think it's worth all the trouble and potential headaches
>(broken stuff). Maybe you should consider a hardened distro (like
>KRUD), or running a hardening script such as
>http://freshmeat.net/projects/bastillelinux/ and limiting your network
>services to the minimum necessary set. And don't forget to apply patches.
>
>j davis wrote:
>| Hello,
>| Today I decided its time to lock down everything a little more. on my
>| firewall/webserver/NAT machine/mail_serv, i want to remove all the extra
>| crap
>| that i installed during original install. And chmod everything else to
>| 700 or 600. How far can i go with this before i start beaking stuff?
>| I have a few users who do nothing more than check their web mail or
>popmail
>| and view webpages on my server.No shells except for root....oh, also
>| box serves ftp.
>|
>| thanks,
>| jd
>|
>| jd at taproot.bz
>| http://www.taproot.bz
>|
>| _________________________________________________________________
>| Chat with friends online, try MSN Messenger: http://messenger.msn.com
>|
>| _______________________________________________
>| Web Page: http://lug.boulder.co.us
>| Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>| Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
>
>- --
>
>~ - John Hernandez - Network Engineer - 303-497-6392 -
>~ | National Oceanic and Atmospheric Administration |
>~ | Mailstop R/OM62. 325 Broadway, Boulder, CO 80305 |
>~ ----------------------------------------------------
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.0.6 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iEYEARECAAYFAj1cK04ACgkQB1Kl6VhqfiNsfgCfT0a0pnC7p49ezxS8QbS1mqKA
>by0Anj+JPfvMJZIrBKIPmnTjQHYGZi/4
>=jsAV
>-----END PGP SIGNATURE-----
>
>_______________________________________________
>Web Page: http://lug.boulder.co.us
>Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
--
Franklin Bowen (Franklin at Bowen.net)
http://Franklin.Bowen.net
More information about the LUG
mailing list