20061011


Wednesday Oct 11 2006

Some files in your etc directory

/etc/passwd

This file contains information about the users of the machine. Each user is represented by one line in /etc/passwd. It includes the users created by the system. In the past, it was possible to attack a machine by viewing this file. On Linux it is very difficult to rename the root user; the teacher has never done it successfully. The apache user is associated with the web browser. The recommendation is that the administrator remove any users that will not be used by the system.

Each line of this file contains a number of fields, separated by colons ":". For example, the line:
joem:x:200:500:joe Mc Gerald:/home/joem:/bin/bash
has 7 fields:
1 The user name (joem).
2 Has to do with the user's password. Most of the time you see an x, which means that the password is not stored in this file but in another file named '/etc/shadow'. If there is something else, such as a string of random-looking characters, the password has been stored in this file in an encrypted way.

This file is readable by all. The problem is that this file must be readable by all. So, years ago, the password was encrypted and stored in that file. There is software used to crack those encrypted passwords. The shadow file has permissions that give access only to the root user.

3 Numeric field that is the numeric user ID associated with the user.
4 Numeric field that is the numeric group ID associated with the user.

Using numbers to identify users can become a weakness in Linux security, because any user that has the same user ID can become the owner of a file.

5 The full name of the user. It can be empty, or it can hold the name, telephone number, city, etc., separated by commas. This information is known as the finger information. It was very useful back in the days when there were not many people on the internet. This was the first file used by spammers. Nowadays it is more secure.
6 Related to the facility for the user to log on.
7 Related to the facility for the user to log on.

To log a user on, the system needs a lot of things, including two pieces of information: the home directory of the user (field 6) and the default shell that the user uses (field 7).

/etc/group

It deals with groups in the system. It has 3 fields: id of the group, password of the group and number id of the group.
This file is used to manage groups.

/etc/shadow

It holds the password information of users. Only root has permission to access this file.
The fields in this file are:
1. The user id.
2. A string that represents the password in an encrypted way. One way to disable a user account is to put an exclamation point as the first character in the password field.
To create this string, the algorithm uses the user id and the password to encrypt the information.
3,4,5,6. Numbers associated with the ability to specify how long a user has access rights to the system. There are ways to modify users' privileges. These fields can be used to limit the user's right to access the system.
They represent dates, stored in a very particular format: an absolute number, the number of days that have passed since Jan 1 1970.
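
The following Python audit sketch is an added example, not part of the original class notes. It parses the 7 /etc/passwd fields, flags password strings left in the world-readable file and user IDs shared by several names, then reads the "!" lock marker and the day-count date from /etc/shadow. All sample lines and function names are constructed for illustration, and it assumes field 3 of /etc/shadow is the date of the last password change, as documented in shadow(5).

```python
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample data for illustration; not taken from a real system.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
joem:x:200:500:joe Mc Gerald:/home/joem:/bin/bash
olduser:ab01FAX.bQRSU:201:500::/home/olduser:/bin/bash
backup:x:200:500::/home/backup:/bin/sh
"""
SHADOW = """\
root:$6$constructedsalt$constructedhash:13432:0:99999:7:::
joem:!$6$constructedsalt$constructedhash:13432:0:99999:7:::
"""
FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")

def parse_passwd(text):
    """Split each line into the 7 colon-separated /etc/passwd fields."""
    entries = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split(":")
        if len(parts) != 7:
            raise ValueError(f"line {n}: expected 7 fields, got {len(parts)}")
        entry = dict(zip(FIELDS, parts))
        entry["uid"], entry["gid"] = int(entry["uid"]), int(entry["gid"])
        entries.append(entry)
    return entries

def audit_passwd(entries):
    """Flag hashes left in the world-readable file and UIDs shared by several names."""
    findings, by_uid = [], defaultdict(list)
    for e in entries:
        by_uid[e["uid"]].append(e["name"])
        # "x" means the hash lives in /etc/shadow; "*" or "!" mean no usable password.
        if e["passwd"] and e["passwd"] != "x" and e["passwd"][0] not in "*!":
            findings.append(("hash_in_passwd", e["name"]))
    for uid, names in by_uid.items():
        if len(names) > 1:
            findings.append(("shared_uid", uid, tuple(names)))
    return findings

def audit_shadow(text):
    """Report lock state (leading "!") and the field-3 date (days since 1 Jan 1970)."""
    report = {}
    for line in text.splitlines():
        name, pw, days = line.split(":")[:3]
        report[name] = {"locked": pw.startswith("!"),
                        "last_change": date(1970, 1, 1) + timedelta(days=int(days))}
    return report
```

On a real machine the same functions can be fed the contents of /etc/passwd and, as root, /etc/shadow.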


The only thing needed to add a user is a text editor, to manipulate the files involved (which can be the three we have already studied).

Some files in your /usr directory

File: /usr/share/messages

It keeps all the messages the system displays in a session. These days, not everybody has permission to read and change it, because it is a key file on the system and it can become too long, so it is no longer allowed to be changed by everybody.

Command lines (cont)

Permission commands

chmod command

A command to change permissions. The first argument is the number that represents the permission. The second argument is the file or set of files which will have the new permissions.