This article relies largely or entirely on a single source. Relevant discussion may be found on the talk page. Please help improve this article by introducing citations to additional sources. Find sources: "Unix security" – news · newspapers · books · scholar · JSTOR(April 2024)
A core security feature in these systems is the file system permissions. All files in a typical Unix filesystem have permissions set enabling different access to a file. Unix permissions permit different users access to a file with different privilege (e.g., reading, writing, execution). Like users, different user groups have different permissions on a file.
User groupsedit
Many Unix implementations add an additional layer of security by requiring that a user be a member of the wheeluser privileges group in order to access the su command.[1]
Root accessedit
Sudo command on Ubuntu to temporarily assume root privileges
Most Unix and Unix-like systems have an account or group which enables a user to exact complete control over the system, often known as a root account. If access to this account is gained by an unwanted user, this results in a complete breach of the system. A root account however is necessary for administrative purposes, and for the above security reasons the root account is seldom used for day to day purposes (the sudo program is more commonly used), so usage of the root account can be more closely monitored. [citation needed]
User and administrative techniquesedit
Passwordsedit
Selecting strong passwords and guarding them properly are important for Unix security. [citation needed]
On many UNIX systems, user and password information, if stored locally, can be found in the /etc/passwd and /etc/shadow file pair.
Software maintenanceedit
Patchingedit
Operating systems, like all software, may contain bugs in need of fixing or may be enhanced with the addition of new features; many UNIX systems come with a package manager for this. Patching the operating system in a secure manner requires that the software come from a trustworthy source and not have been altered since it was packaged. Common methods for verifying that operating system patches have not been altered include the use of the digital signature of a cryptographic hash, such as a SHA-256 based checksum, or the use of read-only media.[citation needed]
Viruses and virus scannersedit
There are viruses and worms that target Unix-like operating systems. In fact, the first computer worm—the Morris worm—targeted Unix systems.
Network firewall protects systems and networks from network threats which exist on the opposite side of the firewall. Firewalls can block access to strictly internal services, unwanted users and in some cases filter network traffic by content.[citation needed]
iptablesedit
This section's factual accuracy may be compromised due to out-of-date information. The reason given is: Iptables is no longer the "current interface". Please help update this article to reflect recent events or newly available information.(January 2014)
iptables is the current user interface for interacting with Linux kernel netfilter functionality. It replaced ipchains. Other Unix like operating systems may provide their own native functionality and other open source firewall products exist.
Referencesedit
^Levi, Bozidar (2002). UNIX Administration: A Comprehensive Sourcebook for Effective Systems and Network Management. CRC Press. p. 207. ISBN0-8493-1351-1.
Generaledit
Practical UNIX and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 2003.
External linksedit
Wikibooks has a book on the topic of: UNIX Computing Security
Wikiversity has learning resources about Unix security
The Unix Security Model for web server administration 2006-10-04 at the Wayback Machine Robert K. Moniot 2000
Robert B. Reinhardt 1993
January 01, 1970
unix, security, this, article, multiple, issues, please, help, improve, discuss, these, issues, talk, page, learn, when, remove, these, template, messages, this, article, relies, largely, entirely, single, source, relevant, discussion, found, talk, page, pleas. This article has multiple issues Please help improve it or discuss these issues on the talk page Learn how and when to remove these template messages This article relies largely or entirely on a single source Relevant discussion may be found on the talk page Please help improve this article by introducing citations to additional sources Find sources Unix security news newspapers books scholar JSTOR April 2024 This article includes a list of general references but it lacks sufficient corresponding inline citations Please help to improve this article by introducing more precise citations April 2024 Learn how and when to remove this message This article needs additional citations for verification Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed Find sources Unix security news newspapers books scholar JSTOR September 2014 Learn how and when to remove this message Learn how and when to remove this message Unix security refers to the means of securing a Unix or Unix like operating system Contents 1 Design concepts 1 1 Permissions 1 2 User groups 1 3 Root access 2 User and administrative techniques 2 1 Passwords 3 Software maintenance 3 1 Patching 4 Viruses and virus scanners 5 Firewalls 5 1 iptables 6 References 6 1 General 7 External linksDesign concepts editPermissions edit Main article File system permissions A core security feature in these systems is the file system permissions All files in a typical Unix filesystem have permissions set enabling different access to a file Unix permissions permit different users access to a file with different privilege e g reading writing execution Like users different user groups have different permissions on a file User groups edit Many Unix implementations add an additional layer of security by requiring that a user be a member of the wheel user privileges group in order to access the su command 1 Root access edit nbsp Sudo command on Ubuntu to temporarily assume root privileges Most Unix and Unix like systems have an account or group which enables a user to exact complete control over the system often known as a root account If access to this account is gained by an unwanted user this results in a complete breach of the system A root account however is necessary for administrative purposes and for the above security reasons the root account is seldom used for day to day purposes the sudo program is more commonly used so usage of the root account can be more closely monitored citation needed User and administrative techniques editPasswords edit Selecting strong passwords and guarding them properly are important for Unix security citation needed On many UNIX systems user and password information if stored locally can be found in the etc passwd and etc shadow file pair Software maintenance editPatching edit Operating systems like all software may contain bugs in need of fixing or may be enhanced with the addition of new features many UNIX systems come with a package manager for this Patching the operating system in a secure manner requires that the software come from a trustworthy source and not have been altered since it was packaged Common methods for verifying that operating system patches have not been altered include the use of the digital signature of a cryptographic hash such as a SHA 256 based checksum or the use of read only media citation needed Viruses and virus scanners editThere are viruses and worms that target Unix like operating systems In fact the first computer worm the Morris worm targeted Unix systems There are virus scanners for UNIX like systems from multiple vendors Firewalls editNetwork firewall protects systems and networks from network threats which exist on the opposite side of the firewall Firewalls can block access to strictly internal services unwanted users and in some cases filter network traffic by content citation needed iptables edit This section s factual accuracy may be compromised due to out of date information The reason given is Iptables is no longer the current interface Please help update this article to reflect recent events or newly available information January 2014 iptables is the current user interface for interacting with Linux kernel netfilter functionality It replaced ipchains Other Unix like operating systems may provide their own native functionality and other open source firewall products exist References edit Levi Bozidar 2002 UNIX Administration A Comprehensive Sourcebook for Effective Systems and Network Management CRC Press p 207 ISBN 0 8493 1351 1 General edit Practical UNIX and Internet Security Simson Garfinkel and Gene Spafford O Reilly amp Associates 2003 External links edit nbsp Wikibooks has a book on the topic of UNIX Computing Security nbsp Wikiversity has learning resources about Unix security The Unix Security Model for web server administration Archived 2006 10 04 at the Wayback Machine Robert K Moniot 2000 An Architectural Overview of UNIX Network Security Robert B Reinhardt 1993 Unix security papers Retrieved from https en wikipedia org w index php title Unix security amp oldid 1219087313, wikipedia, wiki, book, books, library,
