Understanding Linux Security
Dr. Vimal Kr Baghel (Course Instructor), Assistant Professor
School of Computer Science Engineering & Technology (SCSET)
Bennett University Greater Noida
Outline
• Linux Security
• Password file (/etc/passwd)
• Shadow file (/etc/shadow)
• Q&A
Understanding Linux File Permissions
• We need a mechanism to protect files against unauthorized access.
• The Linux system follows the Unix model of file permissions: every file and
directory carries its own set of security settings (owner, group and mode bits),
and the kernel grants individual users and groups access to the file based on
those settings.
Linux Security
The core of the Linux security system is the user account.
Permissions are granted to user accounts, and the kernel tracks each account by a numeric user ID (UID), not by its login name.
Login names were traditionally limited to 8 characters; modern Linux accepts longer names (useradd allows up to 32 characters).
Linux uses special files and utilities to track and manage user accounts; you need to understand them before working with file permissions.
How does Linux handle user accounts?
The /etc/passwd file
Matches each login name to its corresponding UID value.
The UID is 0 for root. The kernel treats any account with UID 0 as root, whatever its name, so no other account should have it.
System user accounts
Linux reserves the low UID range for system accounts. Older Red Hat-based distributions reserved UIDs below 500, so the first regular user was 500 or 501; current distributions reserve UIDs below 1000 (the UID_MIN setting in /etc/login.defs), so the first regular user is usually 1000.
The /etc/passwd file
Every service that runs in the background on a Linux server has its own user account to run as. Why? So that each service holds only the privileges it needs (least privilege): if one service is compromised, the attacker cannot read the files or control the processes of root or of the other services.
The /etc/passwd file contains much more than just the login name and UID for
the user.
The /etc/passwd file is a standard, world-readable text file: one record per line, with the fields separated by colons.
Because it is plain text, user accounts could be added, modified or removed by editing /etc/passwd directly in any text editor. In practice, use the account-management utilities (useradd, usermod, userdel) or vipw, which locks the file while you edit it: a stray character or a half-written file can lock every user out of the system, including root.
Fields in /etc/passwd
• The seven colon-separated fields of an /etc/passwd record contain the following information:
■ The login username
■ The password for the user (on systems that use /etc/shadow this field holds only an x; the password hash itself is kept in /etc/shadow)
■ The numerical UID of the user account
■ The numerical group ID (GID) of the user's primary group
■ A text description of the user account (called the comment or GECOS field)
■ The location of the HOME directory for the user
■ The default shell for the user (a non-login shell such as /usr/sbin/nologin or /bin/false prevents interactive login for service accounts)
/etc/shadow
• Most Linux systems hold user password hashes in a separate file, /etc/shadow, because /etc/passwd must stay world-readable (programs such as ls need it to map UIDs to names) and a world-readable hash can be cracked offline.
• Only root (and, on some distributions, the shadow group) can read it.
• The /etc/shadow file contains one record for each user account on the system.
• A record looks like this:
• rich:$1$.FfcK0ns$f1UgiyHQ25wrB/hykCn020:…
• The second field is the password hash; the $1$ prefix marks MD5-crypt, which is obsolete, and current distributions generate $6$ (SHA-512-crypt) or $y$ (yescrypt) hashes instead. The remaining fields are the password-ageing values described on the next slide.
Fields in the /etc/shadow file
• There are nine colon-separated fields in each /etc/shadow record:
• The login name, matching the login name in the /etc/passwd file
• The hashed password (an empty field means the account has no password, and whether it can log in without one depends on the PAM configuration; a value beginning with ! or * means the account is locked, because no password can match it)
• The number of days since January 1, 1970, that the password was last changed
• The minimum number of days before the password can be changed again
• The maximum number of days before the password must be changed
• The number of days before password expiration that the user is warned to
change the password
• The number of days after a password expires before the account is
disabled
• The date (stored as the number of days since January 1, 1970) on which the user
account expires and is disabled
• A field reserved for future use
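The two field lists above are easier to internalise by parsing real-looking records and checking them the way a reviewer of a server would. The following is an added example written for these notes, not code from the slides: it parses constructed /etc/passwd and /etc/shadow samples (every user name, UID, day count and $6$/$y$ hash is made up; the legacy user's $1$ hash is the one shown on the previous slide), converts the day-count fields to dates, and flags the classic account problems: a second UID 0 account, a hash left in the world-readable passwd file, an empty password, an MD5-crypt or DES-crypt hash, and a passwd entry with no shadow record.

```python
"""Parse and audit /etc/passwd and /etc/shadow records (added example, not slide code).
All records below are constructed; the legacy user's $1$ hash is the one shown in the slides,
the other hashes, names, UIDs and day counts are made up."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional

PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
rich:x:1000:1000:Rich:/home/rich:/bin/bash
backup:$6$saltsalt$fakehash:1001:1001:hash left in passwd:/home/backup:/bin/bash
toor:x:0:0:second uid-0 account:/root:/bin/bash
legacy:x:1002:1002:md5crypt user:/home/legacy:/bin/sh
ghost:x:1003:1003:no shadow record:/home/ghost:/bin/sh
"""
SHADOW_SAMPLE = """\
root:$6$saltsalt$fakehash:19000:0:99999:7:::
rich:$y$j9T$saltsalt$fakehash:19000:0:90:7:::
backup::19000:0:99999:7:::
toor:!:19000:0:99999:7:::
legacy:$1$.FfcK0ns$f1UgiyHQ25wrB/hykCn020:19000:0:99999:7:::
"""

@dataclass
class PasswdEntry:  # the seven /etc/passwd fields, in file order
    name: str
    passwd: str  # "x" means the hash lives in /etc/shadow
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str

@dataclass
class ShadowEntry:  # the nine /etc/shadow fields; day counts are days since 1970-01-01
    name: str
    pw_hash: str
    last_change: Optional[int]
    min_days: Optional[int]
    max_days: Optional[int]
    warn_days: Optional[int]
    inactive_days: Optional[int]
    expire: Optional[int]
    reserved: str

def _days(field: str) -> Optional[int]:
    return int(field) if field else None  # an empty ageing field means "not set"

def _records(text: str, nfields: int, label: str) -> List[List[str]]:
    rows = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != nfields:  # reject malformed lines rather than guess
            raise ValueError(f"{label} line {lineno}: expected {nfields} fields, got {len(fields)}")
        rows.append(fields)
    return rows

def parse_passwd(text: str) -> List[PasswdEntry]:
    return [PasswdEntry(f[0], f[1], int(f[2]), int(f[3]), f[4], f[5], f[6])
            for f in _records(text, 7, "passwd")]

def parse_shadow(text: str) -> List[ShadowEntry]:
    return [ShadowEntry(f[0], f[1], *map(_days, f[2:8]), f[8])
            for f in _records(text, 9, "shadow")]

def epoch_day_to_date(days: int) -> date:
    return date(1970, 1, 1) + timedelta(days=days)  # shadow counts days, not seconds

def password_expires_on(s: ShadowEntry) -> Optional[date]:
    # None when ageing is effectively off (max_days 99999 is the usual "never" value)
    if s.last_change is None or s.max_days is None or s.max_days >= 99999:
        return None
    return epoch_day_to_date(s.last_change + s.max_days)

def audit(passwd: List[PasswdEntry], shadow: List[ShadowEntry]) -> List[str]:
    """Return 'check:user' strings for the account problems a reviewer looks for."""
    findings, uid_owner = [], {}
    shadow_by_name = {s.name: s for s in shadow}
    for p in passwd:
        if p.uid == 0 and p.name != "root":  # any UID 0 account is root to the kernel
            findings.append(f"uid-0:{p.name}")
        if p.uid in uid_owner:
            findings.append(f"duplicate-uid:{p.name}={uid_owner[p.uid]}")
        uid_owner.setdefault(p.uid, p.name)
        if p.passwd != "x":  # a hash (or nothing) sitting in a world-readable file
            findings.append(f"password-field-not-shadowed:{p.name}")
        s = shadow_by_name.get(p.name)
        if s is None:
            findings.append(f"no-shadow-record:{p.name}")
        elif s.pw_hash == "":
            findings.append(f"empty-password:{p.name}")
        elif s.pw_hash.startswith(("!", "*")):
            pass  # locked: no password can match, so password login is disabled
        elif s.pw_hash.startswith("$1$"):
            findings.append(f"weak-hash-md5crypt:{p.name}")
        elif not s.pw_hash.startswith("$"):
            findings.append(f"weak-hash-descrypt:{p.name}")  # 13-char traditional crypt
    return findings
```

Calling `audit(parse_passwd(PASSWD_SAMPLE), parse_shadow(SHADOW_SAMPLE))` returns six findings, one for each planted problem, and `password_expires_on` shows why field three is a day count: rich's password, changed on day 19000 (2022-01-08) with a 90-day maximum, must be changed by 2022-04-08. To run it against a real machine, read the two files as root; the parser deliberately raises on any record with the wrong field count instead of skipping it, because a malformed line in these files is itself a finding.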
Thanks
Q&A