|
|
Sponsored Content
Operating Systems
Linux
Red Hat
secure file permissions!
Post 302484551 by fpmurphy on Saturday 1st of January 2011 09:56:47 AM
01-01-2011
|
|
9 More Discussions You Might Find Interesting
1. Solaris
I am using shell script to do secure ftp. I have done key file setup to do password less authentication. Following are the FTP Details:
FTP Client has Sun SSH.
FTP Server has F-Secure.
I am using SCP Command to do secure copy files. When I am doing this, I am getting the foll error
scp:... (2 Replies)
Discussion started by: ftpguy
2 Replies
2. Cybersecurity
Hi guys,
I would like to transfer files from UNIX machine to Mainframe system (using UNIX machine as client). The transfer process needs to be secure (i.e. data sent thro network should be encrypted using 128-bit encryption algorithm). I came to know that SFTP server is not available for Mainframe... (3 Replies)
Discussion started by: sydneymoon
3 Replies
3. Shell Programming and Scripting
Hi all, I am running a large scale business and some time I have to transfer large and very important data files to my business partner. I fear about my data because there are many of my business competitors who will definitely try to steal my important data. So there is huge amount of risk... (0 Replies)
Discussion started by: camden
0 Replies
4. Shell Programming and Scripting
Hi,
Is there any protocol other than SFTP to transfer the file using secured connection SSH. ?
Regards,
Arthik (2 Replies)
Discussion started by: arthikbabu
2 Replies
5. HP-UX
Hi,
I am a Unix Admin. I have to give the permissions to a user for creating new file in a directory in HP-Ux 11.11 system since he cannot able to create a new file in the directory.
Thanks in advance.
Mike (3 Replies)
Discussion started by: Mike1234
3 Replies
6. Solaris
Dear All,
I have a problem with starting process of crystal report by running script(ccm.sh, bobjerestart.sh). I found these error
ld.so.1: nohup: warning: libhoard.so.1: open failed: No such file in secure directories
ld.so.1: sh: warning: libhoard.so.1: open failed: No such... (0 Replies)
Discussion started by: unitipon
0 Replies
7. UNIX for Advanced & Expert Users
Sun Microsystems Inc. SunOS 5.9
I am hoping someone has come across this before. I have a script that transfers several gz files via Secure FTP across to an SFTP server on an NT machine.
The transfers show as successful:
pack12_200812160337.tar.gz | 768kB | 768kB/s | ETA: 00:00:01 | 37%... (5 Replies)
Discussion started by: ronnie_uk
5 Replies
8. Shell Programming and Scripting
Hi, I am creating a ksh script to search for a string of text inside files within a directory tree. Some of these file are going to be read/execute only. I know to use chmod to change the permissions of the file, but I want to preserve the original permissions after writing to the file. How can I... (3 Replies)
Discussion started by: right_coaster
3 Replies
9. UNIX for Dummies Questions & Answers
I have extremely limited programming experience so please go slowly!
I am remotely logged in to a secure network cluster via my username at my school through terminal. I'm trying to download a file from my account on the cluster to my desktop on a guest account on my mac.
I tried doing this:... (1 Reply)
Discussion started by: smashingdols
1 Replies
LEARN ABOUT LINUX
selinux
selinux(8) SELinux Command Line documentation selinux(8) NAME
SELinux - NSA Security-Enhanced Linux (SELinux) DESCRIPTION
NSA Security-Enhanced Linux (SELinux) is an implementation of a flexible mandatory access control architecture in the Linux operating sys- tem. The SELinux architecture provides general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement(R), Role- Based Access Control, and Multi-Level Security. Background information and tech- nical documentation about SELinux can be found at http://www.nsa.gov/selinux. The /etc/selinux/config configuration file controls whether SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to select one of these options. The disabled option completely disables the SELinux kernel and application code, leaving the system running without any SELinux protection. The permissive option enables the SELinux code, but causes it to operate in a mode where accesses that would be denied by pol- icy are permitted but audited. The enforcing option enables the SELinux code and causes it to enforce access denials as well as auditing them. Permissive mode may yield a different set of denials than enforcing mode, both because enforcing mode will prevent an operation from proceeding past the first denial and because some application code will fall back to a less privileged mode of operation if denied access. The /etc/selinux/config configuration file also controls what policy is active on the system. SELinux allows for multiple policies to be installed on the system, but only one policy may be active at any given time. At present, two kinds of SELinux policy exist: targeted and strict. The targeted policy is designed as a policy where most processes operate without restrictions, and only specific services are placed into distinct security domains that are confined by the policy. For example, the user would run in a completely unconfined domain while the named daemon or apache daemon would run in a specific domain tailored to its operation. The strict policy is designed as a pol- icy where all processes are partitioned into fine-grained security domains and confined by policy. It is anticipated in the future that other policies will be created (Multi-Level Security for example). You can define which policy you will run by setting the SELINUXTYPE environment variable within /etc/selinux/config. The corresponding policy configuration for each such policy must be installed in the /etc/selinux/SELINUXTYPE/ directories. A given SELinux policy can be customized further based on a set of compile-time tunable options and a set of runtime policy booleans. sys- tem-config-securitylevel allows customization of these booleans and tunables. Many domains that are protected by SELinux also include SELinux man pages explaining how to customize their policy. FILE LABELING
All files, directories, devices ... have a security context/label associated with them. These context are stored in the extended attributes of the file system. Problems with SELinux often arise from the file system being mislabeled. This can be caused by booting the machine with a non SELinux kernel. If you see an error message containing file_t, that is usually a good indicator that you have a serious problem with file system labeling. The best way to relabel the file system is to create the flag file /.autorelabel and reboot. system-config-securitylevel, also has this capability. The restorcon/fixfiles commands are also available for relabeling files. AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>. SEE ALSO
booleans(8), setsebool(8), selinuxenabled(1), togglesebool(8), restorecon(8), setfiles(8), ftpd_selinux(8), named_selinux(8), rsync_selinux(8), httpd_selinux(8), nfs_selinux(8), samba_selinux(8), kerberos_selinux(8), nis_selinux(8), ypbind_selinux(8) FILES
/etc/selinux/config dwalsh@redhat.com 29 Apr 2005 selinux(8)