Linux Today: Linux News On Internet Time.

Enterprise Networking Planet: Keep a Lid on Linux Logins

Oct 30, 2006, 10:00 (0 Talkback[s])
(Other stories by Charlie Schluting)

"When asked about security on a multi-user Linux system, a wise man once said 'everyone is root if you allow them to login as a user.' There is plenty of truth in that, but embracing imminent compromise isn't always acceptable. Let's take a look at how you can limit your exposure while letting unknown and untrusted users login with a shell.

"There are two groups of people who typically want to heavily restrict login users. First, the collaborators: possibly two separate organizations that have been forced to work together. Second, people who wish to allow some shady characters access to a shell but believe they may attempt to compromise security. If at all possible, the best policy is to simply not give access out, and if you do, make sure patches are applied daily..."

Complete Story

Related Stories: