Unix security - WikiHQ

Unix security refers to the means of securing a Unix or Unix-like operating system.

Design concepts

Permissions

A core security feature in these systems is the file system permissions. All files in a typical Unix filesystem have permissions set enabling different access to a file. Unix permissions permit different users access to a file with different privilege (e.g., reading, writing, execution). Like users, different user groups have different permissions on a file.

User groups

Many Unix implementations add an additional layer of security by requiring that a user be a member of the wheel user privileges group in order to access the <code>su</code> command.

Root access

thumb|Sudo command on Ubuntu to temporarily assume root privileges

Most Unix and Unix-like systems have an account or user group which enables a user to exact complete control over the system, often known as a root account. If access to this account is gained by an unwanted user, this results in a complete breach of the system. A root account however is necessary for administrative purposes, and for the above security reasons the root account is seldom used for day to day purposes (the sudo program is more commonly used), so usage of the root account can be more closely monitored.

User and administrative techniques

Passwords

On many UNIX systems, user and password information, if stored locally, can be found in the <code>/etc/passwd</code> and <code>/etc/shadow</code> file pair.

Viruses and virus scanners

There are viruses and worms that target Unix-like operating systems. In fact, the first computer worm—the Morris worm—targeted Unix systems.

There are virus scanners for UNIX-like systems, from multiple vendors.

References

General

Practical UNIX and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 2003.