Welcome to Linux Forums!

With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Linux Forum ArticlesLinux ForumsLinux Forum DownloadsLinux HostsFree MagazinesJobs
Home|Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search|
SEARCH FOR IN
Go Back   Linux Forums > Your Distro > Redhat / Fedora Linux Help
Reload this Page User security guidelines
Linux Forums
Linux Forums
Welcome To The Linux Forums!
Welcome to Linux Forums. We pride ourselves in being one of the largest Linux communities on the web, we encourage you to REGISTER on our forums and participate in the community. There are over 150,000 members ready to answer your questions. JOINING US today will allow you to make new posts, get support, send messages to other members and submit downloads to our downloads directory and many other great features!

Redhat / Fedora Linux Help Help and discussion related to Redhat and Fedora Linux.

Reply
 
Thread Tools Display Modes
Old 12-31-2004   #1 (permalink)
Just Joined!
 
Join Date: Dec 2004
Posts: 4
User security guidelines
Hello.
I'm still kind of a linux noob and I want to be sure I am doing things right. I've searched though this --and other-- forums and still havent found the answer to my problem. Here goes

I installed a Fedora core 3 server with SELinux.
webmin
vsftp
mysql
apache

I created a new user to use for the ftp site and mysql database but I believe that the permissions are way too lax. For example my new user can go and browse the root directory. He cannot modify files but I see it as a sign I did something wrong.

I don't see any general options for regulating what users can see and do what. Do I have to put this user in a particular group to limit the permissions they have on files (like browsing my root folder)?

I have a windows NT backgrouond so maybe I'm going about this all wrong. How do I create users that can use thir home directory in FTP, use mysql databases, and little else? What is the methodology for these things?

In addition to your replies, any useful links would also be appreciated.

Thanks for your help.

Scott
msdemich is offline   Reply With Quote
Old 12-31-2004   #2 (permalink)
Linux Guru
 
lakerdonald's Avatar
 
Join Date: Jun 2004
Location: St. Petersburg, FL
Posts: 5,039
can you post the output of:
Code:
ls -l root
-lakerdonald
__________________
the lost art of found sound
lakerdonald is offline   Reply With Quote
Old 12-31-2004   #3 (permalink)
Just Joined!
 
Join Date: Dec 2004
Posts: 4
When logged in as the user I created (not root)

Code:
$ ls -l root
ls: root: No such file or directory
msdemich is offline   Reply With Quote
Old 12-31-2004   #4 (permalink)
Linux Guru
 
lakerdonald's Avatar
 
Join Date: Jun 2004
Location: St. Petersburg, FL
Posts: 5,039
er:
Code:
ls -l /root
-lakerdonald
__________________
the lost art of found sound
lakerdonald is offline   Reply With Quote
Old 12-31-2004   #5 (permalink)
Just Joined!
 
Join Date: Dec 2004
Posts: 4
sorry, I'm still a noob

Code:
$ ls -l /root
ls: /root: Permission denied
I would assume that this is a good sign but what about being able to "cd .." all the way back from my home dir. Should my user be able to do that? Shouldn't a user jsut be able to see his home dir and any dirs created from there?
msdemich is offline   Reply With Quote
Old 12-31-2004   #6 (permalink)
Linux Guru
 
lakerdonald's Avatar
 
Join Date: Jun 2004
Location: St. Petersburg, FL
Posts: 5,039
no, users are allowed to enter the '/' directory.
and try: "ls -l /root" as root
-lakerdonald
__________________
the lost art of found sound
lakerdonald is offline   Reply With Quote
Old 12-31-2004   #7 (permalink)
Just Joined!
 
Join Date: Dec 2004
Posts: 4
Code:
[root@amber ~]# ls -l /root
total 128
-rw-r--r--  1 root root  1221 Dec 29 21:09 anaconda-ks.cfg
-rw-r--r--  1 root root 13079 Dec 30 00:41 ddd
-rw-r--r--  1 root root 52149 Dec 29 21:09 install.log
-rw-r--r--  1 root root 13586 Dec 29 21:08 install.log.syslog
-rw-r--r--  1 root root  5845 Dec 29 21:34 public.gpg.key
drwxr-xr-x  6 root bin   4096 Dec 13 10:10 vsftpd
Quote:
no, users are allowed to enter the '/' directory
So this is normal?



EDIT: Thank you much for your replies.
msdemich is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off
 

Free Magazines
Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe
Systems Management News, the newspaper for IT systems administration and data center managers!
Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe
The Enterprise Newsweekly
eWeek is the essential technology information source for builders of e-business.
subscribe
Oracle Magazine
Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe
Total Telecom
Total Telecom is "The Economist of the communications industry".
subscribe
More free magazines »



All times are GMT. The time now is 01:43 AM.



Contact Us | Advertise | Archive | Top
© 2000 - 2008 - All Rights Reserved - Property of  MAS Media

Content Relevant URLs by vBSEO 3.2.0