10-11-2010
Thanks vbe.
As professional Systems Administrators we are in the business of accident prevention. As many posters will have noticed I am concerned about Administrators making changes to a system based on information from a website rather than from informed personal knowledge backed with professional training.
---------- Post updated at 16:39 ---------- Previous update was at 16:30 ----------
What worried me most was this:
Quote:
find / -type d -user root -perm /o=w
Imho. In the context of the original post shows no understanding of unix permissions whatsoever. I could be wrong (please feel free to advise).
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I am trying to write a CGI program which accesses UNIX configuration files and changes them as required.
The thing is, I don't want the CGI program to be "root" owned - it's Perl based! Is there any way that the Perl CGI program can request a username and password - and then use this to... (1 Reply)
Discussion started by: WIntellect
1 Replies
2. AIX
Hi Group,
Could someone tell me how to find world writable files on my server? I can use find command in conjuction with -perm option and I will get an output. But what I need is an output which looks similar to ls -l output. Meaning, it should give me the full path of the file along with the... (1 Reply)
Discussion started by: matifr
1 Replies
3. UNIX for Dummies Questions & Answers
Hello,
i just wanted to know how do i find out the list of users whose terminal is writable?i mean i used
who -T
but this gives a list of all users whose terminal is writable or blocked and not writable. So how do i do this?I am new to Unix. (2 Replies)
Discussion started by: salman4u
2 Replies
4. UNIX for Dummies Questions & Answers
I've tried to figure this out.
I'm only about 6 mos into my AIX admin duties, but I've got a "security" problem I can't figure out.
I've created a sub directory as follows:
drwx------ 2 root system 256 Apr 13 16:02 mike
I've logged in another session with the following user:
$ id... (2 Replies)
Discussion started by: mpheine
2 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I want to know if the is a way I can list the directories owned by a given user. Say i am logged in as that user.
I found out the find command lists the files owned by a certain user/group
but i want to know only the directories and if possible the permissions associated with these... (6 Replies)
Discussion started by: poojabhat
6 Replies
6. AIX
Good day. I was looking at implementing a chroot environment using openssh. I know I can use the sshd_config file and dictate that it is to use chroot for a specific directory for a user/group. However, the issue with this is that it is has to be root owned. To my knowledge, there is no mount... (0 Replies)
Discussion started by: smurphy_it
0 Replies
7. AIX
Hi
I'm logged in to an AIX box now and we need to do an audit on this box.
cbssapr01:# pwd
/
Which command will show all the files and directories owned by root user with permissions as 777 ? (8 Replies)
Discussion started by: newtoaixos
8 Replies
8. UNIX for Dummies Questions & Answers
Hello.
On my family laptop, I have a directory named /local.
It is owned by root.
I want to create a sub-directory named documents ( /local/documents ).
I want to exclude exec for every body in that directory
I want every authenticated linux user can create a sub directory ( ie :... (7 Replies)
Discussion started by: jcdole
7 Replies
9. Shell Programming and Scripting
what is wrong with this script?
I get:
./perm.sh: command substitution: line 21: unexpected EOF while looking for matching `"'
./perm.sh: command substitution: line 22: syntax error: unexpected end of file
Script:
#!/bin/bash
for dir in `/bin/cat /etc/passwd | /bin/egrep -v... (4 Replies)
Discussion started by: greenja9
4 Replies
10. Ubuntu
I want to zip up my fstab file for backup purposes.
This does not work because of permission issues.
cd /etc/
zip -u fstab.zip fstab
Can I use this with zip?
echo xxx | sudo -S
or change fstab owner to me? (3 Replies)
Discussion started by: drew77
3 Replies
LEARN ABOUT DEBIAN
pam_securetty
PAM_SECURETTY(8) Linux-PAM Manual PAM_SECURETTY(8)
NAME
pam_securetty - Limit root login to special devices
SYNOPSIS
pam_securetty.so [debug]
DESCRIPTION
pam_securetty is a PAM module that allows root logins only if the user is logging in on a "secure" tty, as defined by the listing in
/etc/securetty. pam_securetty also checks to make sure that /etc/securetty is a plain file and not world writable.
This module has no effect on non-root users and requires that the application fills in the PAM_TTY item correctly.
For canonical usage, should be listed as a required authentication method before any sufficient authentication methods.
OPTIONS
debug
Print debug information.
MODULE TYPES PROVIDED
Only the auth module type is provided.
RETURN VALUES
PAM_SUCCESS
The user is allowed to continue authentication. Either the user is not root, or the root user is trying to log in on an acceptable
device.
PAM_AUTH_ERR
Authentication is rejected. Either root is attempting to log in via an unacceptable device, or the /etc/securetty file is world
writable or not a normal file.
PAM_INCOMPLETE
An application error occurred. pam_securetty was not able to get information it required from the application that called it.
PAM_SERVICE_ERR
An error occurred while the module was determining the user's name or tty, or the module could not open /etc/securetty.
PAM_USER_UNKNOWN
The module could not find the user name in the /etc/passwd file to verify whether the user had a UID of 0. Therefore, the results of
running this module are ignored.
EXAMPLES
auth required pam_securetty.so
auth required pam_unix.so
SEE ALSO
securetty(5), pam.conf(5), pam.d(5), pam(7)
AUTHOR
pam_securetty was written by Elliot Lee <sopwith@cuc.edu>.
Linux-PAM Manual 06/04/2011 PAM_SECURETTY(8)