TildeClub
/
tilde.club
mirror of https://github.com/tildeclub/tilde.club.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

some language cleanup and included some reccomendations

michael guldan 2014-10-14 23:45:45 -07:00
parent f3382d7b12
commit b1c4f7b1d8
1 changed files with 22 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
Basic UNIX Security the Tilde way.md

@ -2,7 +2,7 @@
> "Unix is public by default. This means that other people who use the server can see your files. You can change that on a file-by-file basis. You can also change the default behavior for you. It is totally okay to keep your stuff private. Let us show you how."
If it bugs you that someone might be able to look the files in your home directory and you don't want to read any more of this document then run these commands:
Unix was built with a fairly open security policy. It's the kind of system you might expect a bunch of Berkley hippies to design. That said, if it bugs you that someone might be able to look the files in your home directory and you don't want to read any more of this document then run these commands:
cd ~
chmod 711 .
@ -22,17 +22,17 @@ There are several attributes that define a user.
- group id (or gid)
This is a unique numerical id number for your primary user group on the system. User groups are the traditional way that users would colaberate on large projects.
For now we only need to know about the username
For now we only need to know about the username.
#### Welcome to tilde.club, your new home (and homedir)
When you registered for the system, you got an email that contained many things. One of those things was a username, and another was a password. When you logged into the server you were presented with what we call a prompt, and it looked a bit like this:
sh-4.1$
That's boring so type the command `ls -l my_file`
That's boring so type the command `ls -l public_html/index.html`
sh-4.1$ ls -l my_file
rw-rw-r-- 1 youruser youruser 177 Oct 13 04:51 my_file
sh-4.1$ ls -l public_html/index.html
rw-rw-r-- 1 youruser youruser 177 Oct 13 04:51 public_html/index.html
You'll notice that your login shows up, but what does this actually show us?
@ -53,10 +53,9 @@ What does this long file listing of `my_file` show us?
This seems like a lot to take in, but for the purpose of talking about files and security, we'll only need three things: the file permissions, the group owner and the user owner.
- Homework
- Run `ls -la` in your home directory and note the users and permissions of the various files
- Run `ls -l /etc/passwd` and `ls -l /var/log/messages` and compare the permissions and ownership to that of your homedir
- Homework
- Run `ls -la` in your home directory and note the users and permissions of the various files
- Run `ls -l /etc/passwd` and `ls -l /var/log/messages` and compare the permissions and ownership to that of your homedir
### Basics about file and directory permissions
@ -103,13 +102,23 @@ There are three major types of permissions (and a hand full of others)
Examples
- Homework
- `mkdir test` and then try the following `chmod` commands
- `mkdir -p test/01` and then try the following `chmod` commands
chmod u+rwx test
touch
echo "hello world" > test/a_file
ls -l test
chmod ugo-rw test
ls -l test
ls -l test/a_file
#### Basics about the `finger` and `chfn` commands
How to see others in the system using `finger`
Type the command `finger`
Type the command `finger $USER`
How others see you.
@ -120,7 +129,7 @@ creating a `~/.plan` and `~/.project` file that's readable
#### More advanced topics
Looking at the `/etc/passwd` file
Let's look at the `/etc/passwd` file. What is it? It's a file that contains most of the information about users in the system.
- Homework
- `head -10 /etc/passwd`
@ -135,7 +144,7 @@ Back at our command line, lets type the command `id`:
The `id` command is a tool to show us how the system keeps track of us. From this we can see that according to the system, our user ID (or uid) is 501, and our group id is also 501.
- Homework
- Run `id` in yourown directory, then run
- Run `id` in your own directory, then run
- Run `id -u root`
- use the `grep` command to find your uid in the `/etc/passwd` file