security

**dvdljns** · 05-09-2009

I need to change the way security is handled. I only need 4 groups. root,superuser,user,and guest.
Right now there seems to be hundreds of groups. I need to change that and the ownership of all the programs. Is there an easy way to do this.

**dvdljns** · 05-09-2009

how do I create a gshodow file. running search on it finds a lot of info. But nothing that tells me how build one.

**Jonathan183** · 05-09-2009

Originally Posted by dvdljns

I need to change the way security is handled. I only need 4 groups. root,superuser,user,and guest.
Right now there seems to be hundreds of groups. I need to change that and the ownership of all the programs. Is there an easy way to do this.

Why do you want to do this?

**dvdljns** · 05-10-2009

Originally Posted by Jonathan183

Why do you want to do this?

Because it sucks.

I have used MS since dos and never had a pc hacked. This system is so peranoid it interferes with me working on it.

All I need is four groups. tomcat does not need it's on group neither does audio etc.

**Jonathan183** · 05-10-2009

I suggest you stick with the groups created ... all you need to do is add your user to required groups like audio, video, optical ... and for the system administrator wheel.
Removing groups and playing with rights and groups will cause you all sorts of problems ...

... if you really want to change ownership of files and folders then chown will do that. To change access rights you can use chmod ... Before you start doing that I suggest you have a quick look here and make sure you understand permissions.

... IMO what you are trying to do is a bad move - but your the admin for your system.

... as for Windows security and ease of use - the default make everyone a computer administrator is one of the worst ideas from a security viewpoint. Having had to clear Windows systems of virus infections on several occasions has demonstrated that to me.

**dvdljns** · 05-11-2009

Originally Posted by Jonathan183

I suggest you stick with the groups created ... all you need to do is add your user to required groups like audio, video, optical ... and for the system administrator wheel.
Removing groups and playing with rights and groups will cause you all sorts of problems ...

Ihear that. I just reloaded from doing that but I can clean a viris off my comp but can not work like this. Since I reloaded I just deleted my user name and am running it in root.

... if you really want to change ownership of files and folders then chown will do that. To change access rights you can use chmod ... Before you start doing that I suggest you have a quick look here and make sure you understand permissions.

Thanks I will.

... as for Windows security and ease of use - the default make everyone a computer administrator is one of the worst ideas from a security viewpoint. Having had to clear Windows systems of virus infections on several occasions has demonstrated that to me.

I am only admin on my windows machine when I log in as admin, But there is still a lot I can do as user. I was trying to setup a test site on apache. Could not. Running a search resulted in logging in as su on a console then modding the html files but when I tried i could not. Checking the permissions I saw the only one who could was the owner. That was listed as tomcat. I am guessing it will be around five years before I can replace any of my windows servers with linux. I might be able to set it up where it switches over to a nt sever if something happened to a linux server but it makes more sense to keep a system that works until I am sure I can maintain this one.

May be less time but who knows, Right now nothing make sense in linux. I live for the day I can build my own. It will not be like any linux out there. Every body complains about windows security but if you are willing to learn windows scripting it can be made really tight. The problem is most people does not even bother closing ports that are not used.

**gogalthorp** · 05-11-2009

Running as root is a very bad idea, it opens you up to a complete takeover of your server. Others do not seem to have a problem with the security model of Unix/Linux and even Windows is tightening its security. Just as it is a bad idea to run everything in administrator mode in windows it is likewise a bad idea to run everything as root under Linux.

As a user you need to be a member of the Tomcat group. If you are root you have full permission to edit anything.

**elsadsis** · 05-15-2009

Originally Posted by gogalthorp

Running as root is a very bad idea, it opens you up to a complete takeover of your server. Others do not seem to have a problem with the security model of Unix/Linux and even Windows is tightening its security. Just as it is a bad idea to run everything in administrator mode in windows it is likewise a bad idea to run everything as root under Linux.

As a user you need to be a member of the Tomcat group. If you are root you have full permission to edit anything.

?????????????

Thread Tools

Display

security

Posting Permissions