Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Stop root from writing to directory
Top Forums UNIX for Advanced & Expert Users Stop root from writing to directory Post 303041325 by Neo on Thursday 21st of November 2019 12:05:06 PM
Old 11-21-2019
The true mark of an IT security professional is one who understands that IT security controls are based on the risk management profile of the system; and that these IT security controls can be any combination of three types of controls.

Risk Management ... is founded on the Intersection of:

(1) Threat, (2) Vulnerability and (3) Criticality.

Type of Controls:

(1) Administrative, (2) Physical and (3) Technical.

In the content of the IT security requirements (part of the risk profile).

(1) Confidentiality, (2) Availability and (3) Integrity.

In this post, the original poster has not provided any basic IT security information (above). All risk management profiles are different and require an approach based on the risk profile; and the choice of controls follow the risk profile.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

What files are writing to a directory

Is there a way to tell what files/scripts are writing/wrote to a given directory? (3 Replies)
Discussion started by: hattorihanzo
3 Replies

2. Shell Programming and Scripting

writing script to clean up a directory

I have to do a directory clean up on several machines. The task is as follows: go to a particular directory (cd /xxx) 1. create a directory ' SCRIPTCLEANUP ' ( i KNOW IT) loop through 2. List the directory 3. if directory and start with 'DQA' leave it, 4. if directory or file move it to... (0 Replies)
Discussion started by: ajaya
0 Replies

3. UNIX for Dummies Questions & Answers

how to stop to current directory using find

Hello, I just want to ask the following use of find command: 1. how can I find files only to the current directory? 2. how can I find files to directories and all subdiretories (are this include soft links?) but will not go to other mountpoints that is under that mountpoint. Im combining... (1 Reply)
Discussion started by: james_falco
1 Replies

4. Shell Programming and Scripting

stop unix find on a directory structure after finding 1st occurrence

Hi, Has anyone tried to restrict Solaris 10 unix find on a large directory structure based on time to stop running after finding the first occurrence of a matching query. Basically I'm trying to build up a usage map of user workspaces based on file modification (week/month/3 months/year etc) and... (3 Replies)
Discussion started by: jm0221
3 Replies

5. UNIX for Dummies Questions & Answers

How to display only Owner and directory/sub directory names under particular root

hai, I am new to Unix, I have a requirement to display owner name , directory or sub directory name, who's owner name is not equal to "oasitqtc". (here "oasitqtc" is the owner of the directory or sub directory.) i have a command (below) which will display all folders and sub folders, but i... (6 Replies)
Discussion started by: gagan4599
6 Replies

6. Shell Programming and Scripting

Writing Script to Copy Newest Directory

I am trying to write a script that once executed it will search within a directory and copy only the newest directory that has not been copied before to a new location. Kind of like what ROBOCOPY /M does in windows? The directories are not left in the new location so using a sync action won't... (2 Replies)
Discussion started by: Keriderf
2 Replies

7. Shell Programming and Scripting

Shell script to poll a directory and stop upon an event

Need shell script to: 1/keep polling a directory "receive_dir" irrespective of having files or no files in it. 2/move the files over to another directory "send_dir". 3/the script should only stop polling upon a file "stopfile" get moved to "receive_dir". Thanks !! My script: until do... (0 Replies)
Discussion started by: iaav
0 Replies

8. What is on Your Mind?

Stop Writing Scripts

Please, I beg you, “Stop!” Yes, stop writing scripts and instead build workflows. Programmers, Sys-Admins, System Support, I'm talking to you. Ok, I know in this community I'm going to get some serious backlash for my statements but I truly believe in my statement. There was a time when... (13 Replies)
Discussion started by: mikemazz
13 Replies

9. UNIX for Dummies Questions & Answers

Removing directory with leading hyphen from root directory

I know that this basic question has been asked many times and solutions all over the internet, but none of the are working for me. I have a directory in the root directory, named "-p". # ls -l / total 198 <snip> drwxr-xr-x 4 root root 4096 Dec 3 14:18 opt drwxr-xr-x 2 root ... (2 Replies)
Discussion started by: edstevens
2 Replies

10. Solaris

SunOS confusing root directory and user home directory

Hello, I've just started using a Solaris machine with SunOS 5.10. After the machine is turned on, I open a Console window and at the prompt, if I execute a pwd command, it tells me I'm at my home directory (someone configured "myuser" as default user after init). ... (2 Replies)
Discussion started by: egyassun
2 Replies

LEARN ABOUT FREEBSD

profiles

profiles(1)                                                                                                                            profiles(1)

NAME

       profiles - print execution profiles for a user

SYNOPSIS

       profiles [-l] [ user ...]

       The  profiles  command  prints  on standard output the names of the execution profiles that have been assigned to you or to the optionally-
       specified user or role name. Profiles are a bundling mechanism used to enumerate the commands and authorizations needed to perform  a  spe-
       cific  function.  Along  with  each  listed executable are the process attributes, such as the effective user and group IDs, with which the
       process runs when started by a privileged command interpreter. The profile shells are pfcsh, pfksh, and pfexec. See the pfexec(1) man page.
       Profiles can contain other profiles defined in prof_attr(4).

       Multiple  profiles can be combined to construct the appropriate access control. When profiles are assigned, the authorizations are added to
       the existing set. If the same command appears in multiple profiles, the first occurrence, as determined by the ordering of the profiles, is
       used for process-attribute settings. For convenience, a wild card can be specified to match all commands.

       When profiles are interpreted, the profile list is loaded from user_attr(4). If any default profile is defined in /etc/security/policy.conf
       (see policy.conf(4)), the list of default profiles are added to the list loaded from user_attr(4). Matching entries in prof_attr(4) provide
       the authorizations list, and matching entries in exec_attr(4) provide the commands list.

       The following options are supported:

       -l       Lists the commands in each profile followed by the special process attributes such as user and group IDs.

       Example 1: Sample Output

       The output of the profiles command has the following form:

       example% profiles tester01 tester02
       tester01 : Audit Management, All Commands
       tester02 : Device Management, All Commands
       example%

       Example 2: Using the list Option

       example% profiles -l tester01 tester02
       tester01 :
           Audit Management:
             /usr/sbin/audit          euid=root
             /usr/sbin/auditconfig    euid=root    egid=sys
           All Commands:
             *
       tester02 :
           Device Management:
             /usr/bin/allocate:       euid=root
             /usr/bin/deallocate:     euid=root
           All Commands
             *
       example%

       The following exit values are returned:

       0        Successful completion.

       1        An error occurred.

       /etc/security/exec_attr

       /etc/security/prof_attr

       /etc/user_attr

       /etc/security/policy.conf

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

       auths(1), pfexec(1), roles(1), getprofattr(3SECDB), exec_attr(4), policy.conf(4), prof_attr(4), user_attr(4), attributes(5)

                                                                    11 Feb 2000                                                        profiles(1)
All times are GMT -4. The time now is 02:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy