SA-200-s10 第11部分 系统安全

keelee

目标：

  Monitor system access

Switch users on a syste

Control system access

Restrict access to data in files
1）
Monitoring System Access

• Displaying users on the local system
  
• Displaying users on remote systems
  
• Displaying user information
  
• Displaying a record of login activity
  
• Recording failed login attempts

2）
Switching Users on a System

• Introducing the su command
  
  
  
  • Using the whoami command
  
  
• Displaying the effective user ID
  
• Displaying the real user ID
  
• Switching to another regular user
  
• Becoming the root user
  
• Monitoring su attempts
  
  
  
  • Contents of the /etc/default/su file
    [/url]
    
    
  • The CONSOLE variable in the /etc/default/su file
    
  • The SULOG variable in the /etc/default/su file

3）
Controlling System Access

• The /etc/default/login file
  [url=file:///E:/东风汽车/参考文件/sun_ssse/SA200_ESLIDES/SA200/slides/mod11/slide04popup1.html]
  
  
  
  
  • The CONSOLE variable in the /etc/default/login file
    
  • The PASSREQ variable in the /etc/default/login file
  
  
• File Transfer Protocol (FTP) access
  
• The /etc/hosts.equiv and $HOME/.rhosts files
  [/url]
  
  
  
  
  • Entries in the /etc/hosts.equiv and $HOME/.rhosts files
  
  
• The /etc/hosts.equiv file rules
  
• The $HOME/.rhosts file rules

4）
Restricting Access to Data in Files

• Determining a user's group membership
  
• Identifying a user account
  
• Changing file and directory ownership
  
• Changing file and directory group membership
  
• Using file permissions

本文来自ChinaUnix博客，如果查看原文请点：[url]http://blog.chinaunix.net/u/9710/showart_106746.html