February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Securing system configuration files
If you look at the configuration files for any given Linux distro, you'll see that most of them belong to either the root user or to a specified system user. You'll also see that most of these files have read and write privileges for their respective owners, and read privileges for everyone else. This means that everybody and his brother can read most Linux system configuration files. Take, for example, this Apache web server configuration file:
[donnie@donnie-ca ~]$ cd /etc/httpd/conf[donnie@donnie-ca conf]$ pwd/etc/httpd/conf[donnie@donnie-ca conf]$ ls -l httpd.conf -rw-r--r--. 1 root root 11753 Aug 6 09:44 httpd.conf[donnie@donnie-ca conf]$
With that r in the "others" position, everybody who logs in, ...