- 论坛徽章:
- 0
|
We want to keep our system as secure as possible. To do this, we must change the
default permissions users have for new files and directories they make. We’ll set all
new files and directories to No Access to group or other members.
1. Edit the /etc/bashrc file. Two lines in the file set the umask. One of the two
lines is selected depending on the if statement above them. See if you can
determine which line gets executed for an average user.
2. The if statement tests to see if the user ID (uid) and group ID (gid) are the
same, and that the uid is greater than 99. If this is true, then the first umask
is executed; otherwise, the second is executed. The second umask is for root
and other key system accounts. The first is for users.
3. Change the first umask statement to exclude all permissions for groups and
others. Use umask 077 to do the job.
4. Save and exit the file.
5. Log in as a nonprivileged user. Use the touch command to make a new empty
file. Use ls -l to verify the permissions.
6. Log in as root. Again, use the touch command to make a new empty file and
use ls -l to verify their permissions.
You have just changed the default umask for all shell users.
希望对你有帮助 |
|
免费注册
发表于 2007-10-10 17:54