Mailinglist Archive: opensuse (3222 mails)
|< Previous||Next >|
Re: [SLE] Users having a Shell-Account: they can see everything!
- From: cees-list@xxxxxxxxxxxxxxxx (Cees van de Griend)
- Date: Thu, 3 Feb 2000 00:49:44 +0100
- Message-id: <20000203004944.A9714@xxxxxxxxxxxxxxxx>
On Thu, Feb 03, 2000 at 12:12:46AM +0100, Rogier Maas wrote:
> Cees van de Griend wrote:
> > On Wed, Feb 02, 2000 at 10:25:23PM +0100, Rogier Maas wrote:
> > > Dear List,
> > >
> > > I have a couple of Shell-Account-users who can chdir to the root, and
> > > dir everything in my filesystem. Is there any way to confine them to
> > > their homedirectory like ProFTPd can?
> > Yes, but why bother...
> > If they realy can 'dir' everything, you have a bigger problem: you have
> > no security. If they can read and change /etc/passwd and /etc/shadow,
> > you realy have a big problem.
> > If they can read 'almost' all, as in the default SuSE configuration,
> > you should be oke.
> > It is posible to confine a user to his/her homedir (see: man (1)
> > chroot), but then you should also make quite a lot binairies (like
> > /bin/cp and /bin/ls) and libraries (like: /lib/...) available in their
> > homedir.
> > It almost never is worth the trouble.
> > With ProFTPd (I guess a FTP-daemon), you users only have to ftp files
> > and and have only a few simple needs: (cd, ls). A shell account users
> > has a lot more needs (like shells, mail-readers, etc.).
> > Take a look at chmod (see: man (1) chmod) and learn how to change the
> > permissions on important files/directories.
> > You should buy a Unix book and learn somethings about basic Unix
> > security. Your question indicates that you lack a lot of simple SysAdmin
> > skils.
> > In a Dutch bookstore, you can find quite a few Linux-books in Dutch.
> > Today, I counted more than 10 different books...
> > > Thanks,
> > >
> > > Rogier Maas
> > Cees.
> I've always found that basic UNIX security is not *really* what it was
> meant for. You must perform quite some tricks to get even the most
> simple thing done.
Huh? What do you mean?
Just 'chmod 400 <file>' or 'chmod 700 <dir>' and your done.
> Take Novell's NetWare for instance. They've got a
> much more secure security-model. Why doesn't UNIX have one? (Because it
> wasn't meant for that, ok).
I can't comment on NetWare, I know next to nothing about Novell.
But this is the first time I have heard anyone call UNIX insecure.
Compaired to what?
Sure, Unix has it's problems, but almost always these are fixed very
quickly. And the access model with user-group-others is sufficient in
almost all cases.
> For instance: Why is it that users can read everything?
They can't. Not the most important files.
They shouldn't be able to change /etc/passwd and shouldn't be able to
even read /etc/shadows.
> I cannot just
> say: I don't want that user to be able to look in that directory. If I'd
> do that, I'd create quite a mess for him/her. If he/she logs in, all
> kinds of errormessages popup saying that it can't find the root path,
Huh? You certainly can...
Not the program files. A user has to read them to execute them. He/she
can find the sources on the web, so he/she is able to know the workings
of your programs in any case.
You are in a SuSE list, so your probably have installed SuSE 6.3. In that
case your shell-users can install the same system at home and know
probably more about it than you do.
The program files are not that important, so why bother.
> I'll look into the chroot stuff, but I'm already thinking about my next
> step: linking the binaries to their original paths. Of course, they
> can't see them, because they have only their own 'private' filesystem...
This is called 'security by obscurity'. It never works in the long run.
Unix is more open. The advantage is that problems are quickly fixed and
I dare to say almost non-exsistent.
If there are security-leaks, they are almost certainly your own doing.
> Problems, problems, problems...
I don't see them.
So your users can see the layout of your system, so what. The most
important fact is that they can't change anything. In most cases a
user can only change/write in his/her homedir and in /tmp. I bet you
have no important files there.
If a user can change other files, you have mis-installed your system
and lack basic SysAdmin skills.
What are you afraid of?
If your are afraid of your users, maybe you shouldn't have them.
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
|< Previous||Next >|