Thursday, March 19, 2009

Linux Security Permissions...

I had just installed the latest Ubuntu on a machine last night and got a couple users set up then I noticed something wrong.. Something seriously wrong... All of the users had access to each other's home directories. I believe this is true of all Ubuntu installs these days and I'm not quite sure why it's set up that way but here's how to clean it up a bit...
This was done in Linux Ubuntu...

I will assume that you are the owner of $home/user

I will also assume that you know how to open a Shell and enter some commands. The one we are going to use here is called CHMOD.

First a bit about how hexadecimal based file permissions work. The order of our three digit number XXX is;

Read =4
Write =2
eXecute =1

And the three XXX's are like USER/GROUP/WORLD permissions.

So to figure this out you simply add up your permissions. If you wanted to give full permissions you would add 4+2+1=7 therefore if you wanted to give everyone access to everything you would set your XXX to 777 but this would be insanity as your files would not last very long in a human world :)

I suggest you give user full permission so XXX looks like 7 groups should have read and write access so set that one to 5, remember read=4 + eXecute=1 so we got 5... your XXX now looks like 75X. So what about the rest of the world? well since some things like web pages need some sort of basic access to files we will set Read on the last bit so the now looks like 754.

So now you have files that you don't want other users to have access to in $home/user/MyPrivateFiles

The linux command to do this (REMEMBER TO SUDO or ROOT)

chmod -R 754 $home/user/MyPrivateFiles

the -R command will recursively go into each directory and modify the permissions of the files contained in MyPrivateFiles...

Hope that helps you secure your machine,
Cheers!

No comments:

Post a Comment