Hello, Do you guys know how does the root user works in this system?
from the terminal i try to su to root, and i thought the password was the same as the macosx password, at the /etc/passwd file the passwd field appears as *, so it's system bussines only, is there a way to become root? i... (6 Replies)
This may be a dumb question, but I've been wondering why programs such as ping and traceroute must be setuid? Are there some restrictions which prevent normal users from accessing the world via sockets?
$ pwd
/bin
$ ls -l ping traceroute
-rwsr-xr-x 1 root root 35616 Apr 7 2005 ping... (1 Reply)
Hi,
I want the user to enter only numeric values and also he should only enter
2 digits only ( eg 23 or 23 or 03 any 2 digits)
For the above purpose how should i declare my variable ?
integer value
if I read 03 in variable value then it gives me error ...also user can enter n number... (4 Replies)
Hi,
Im working for a company that has over 400+ unix/solaris boxes.
Obviously when we get a new unix guy join the company, its take us AGES to set them up on all these boxes.
Can people recommend any programs/packages that can be added to our unix/solaris boxes to make this easier?
... (2 Replies)
Hello,
For one of our servers, we have had people trying to illegally loggon using the ssh service.
My manager has asked me to restrict ssh access to users in our internal network but close ssh access to the "outside" world.
Could someone at the very least point me to some resources on the... (7 Replies)
Hi
I am trying to automate the install of a package, I realise that I need to create an admin file, but as part of the install I am asked if I want to install these as setuid/setgid files, I want to say yes.
What value am I supposed to use for setuid= in the admin file
Thanks (1 Reply)
Hi,
I need to work on restricting the Linux commands to the ADMIN user to some extent. It means for example, Admin users should not use passwd command to change the password of "root" or other important accounts like oracle, etc.,
So, I want to know which commands should be restricted upto which... (5 Replies)
Hey guys,
Suppose i run passwd via bash shell. It is a suid program, which temporarily runs as root(owner) and modifies the user entries.
However, when i write a C file and give 4755 permission and root ownership to the 'a.out' file , it doesn't run as root in bash shell. I verified this by... (2 Replies)
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
I'm trying - as an ordinary user - to create a file in the root directory of my system. For that purpose I wrote a simple script that echoes a string into a file. I made the file executable, used sudo to change ownership to root. Like this:
$ cat hello
#!/bin/bash
echo hello > /hello
$... (5 Replies)
Discussion started by: Ralph
5 Replies
LEARN ABOUT FREEBSD
audit
AUDIT(8) BSD System Manager's Manual AUDIT(8)NAME
audit -- audit management utility
SYNOPSIS
audit -e | -i | -n | -s | -t
DESCRIPTION
The audit utility controls the state of the audit system. One of the following flags is required as an argument to audit:
-e Forces the audit system to immediately remove audit log files that meet the expiration criteria specified in the audit control file
without doing a log rotation.
-i Initializes and starts auditing. This option is currently for Mac OS X only and requires auditd(8) to be configured to run under
launchd(8).
-n Forces the audit system to close the existing audit log file and rotate to a new log file in a location specified in the audit con-
trol file. Also, audit log files that meet the expiration criteria specified in the audit control file will be removed.
-s Specifies that the audit system should [re]synchronize its configuration from the audit control file. A new log file will be cre-
ated.
-t Specifies that the audit system should terminate. Log files are closed and renamed to indicate the time of the shutdown.
NOTES
The auditd(8) daemon must already be running. Optionally, it can be configured to be started on-demand by launchd(8) (Mac OS X only). The
audit utility requires audit administrator privileges for successful operation.
FILES
/etc/security/audit_control Audit policy file used to configure the auditing system.
SEE ALSO audit(4), audit_control(5), auditd(8), launchd(8)HISTORY
The OpenBSM implementation was created by McAfee Research, the security division of McAfee Inc., under contract to Apple Computer Inc. in
2004. It was subsequently adopted by the TrustedBSD Project as the foundation for the OpenBSM distribution.
AUTHORS
This software was created by McAfee Research, the security research division of McAfee, Inc., under contract to Apple Computer Inc. Addi-
tional authors include Wayne Salamon, Robert Watson, and SPARTA Inc.
The Basic Security Module (BSM) interface to audit records and audit event stream format were defined by Sun Microsystems.
BSD January 29, 2009 BSD