Author: Dave Wreski
Keeping the superuser account secure should be a top priority for any system. The most sought-after account on your machine is the superuser account. This account has authority over the entire machine, which may also include
authority over other machines on the network. Remember that you should
only use the root account for very short specific tasks and should
mostly run as a normal user. Running as root all the time is a very,
very, very bad idea.
Several tricks to avoid messing up your own box as root:
- When doing some complex command, try running it first in a non-destructive way, especially commands that use globbing: e.g., if you are going to do a rm foo*.bak, first do ls foo*.bak and make sure you are going to delete the files you think you are. Using echo in place of destructive commands also works.
- Provide your users with a default alias to the /bin/rm command to ask for confirmation for deletion of files.
- Only become root to do single specific tasks. If you find yourself trying to figure out how to do something, go back to a normal user shell until you are sure what needs to be done by root.
- The command path for the root user is very important. The command path, or the PATH environment variable, defines the locations the shell searches for programs. Limit the command path for the root user as much as possible, and never use ‘.’, meaning ‘the current directory’, in your PATH statement. Additionally, never have writable directories in your search path, as this can allow attackers to modify or place new binaries in your search path, allowing them to run as root the next time you run that command.
- Never use the rlogin/rsh/rexec (called the “r-utilities”) suite of tools as root. They are subject to many sorts of attacks, and are downright dangerous run as root. Never create a .rhosts file for root.
- The /etc/securetty file contains a list of terminals that root can login from. By default (on Red Hat Linux) this is set to only the local virtual consoles (vtys). Be very careful about adding anything else to this file. You should be able to login remotely as your regular user account and then use su if you need to (hopefully over ssh or another encrypted channel), so there is no need to be able to login directly as root.
- Always be slow and deliberate running as root. Your actions could affect a lot of things. Think before you type!
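The PATH and /etc/securetty points above can be turned into quick checks. The script below is an added example, not part of Dave Wreski's tip or the newsletter: it flags PATH components that resolve relative to the current directory ('.', an empty component, or any other relative path), lists PATH directories that are world-writable, and reports securetty entries that are not local virtual consoles. The function names, the sample PATH value and the sample securetty contents are constructed here for illustration.

```shell
#!/bin/sh
# Added example, not part of the original tip: two small audits for the
# root-account advice above. Function names, the sample PATH value and
# the sample securetty contents are constructed for illustration.

# --- PATH hygiene -----------------------------------------------------
# Print every PATH component that is resolved relative to the current
# directory: '.', an empty component (a leading, trailing or doubled colon,
# which the shell also treats as '.'), or any other relative path.
path_relative_entries() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r comp; do
        case "$comp" in
            "") printf '(empty)\n' ;;    # '::' or a colon at either end
            /*) ;;                       # absolute: fine for this check
            *)  printf '%s\n' "$comp" ;; # '.', 'bin', '../x', ...
        esac
    done
}

# Print every existing PATH directory whose other-write bit is set.
# -H follows a symlinked component to the directory it names, -prune keeps
# find on that directory instead of descending, -perm -002 is the o+w test.
path_world_writable_dirs() {
    printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r comp; do
        if [ -d "$comp" ]; then
            find -H "$comp" -prune -perm -002 -print
        fi
    done
}

# Exit status 0 when neither audit reports anything, 1 otherwise.
path_is_safe() {
    [ -z "$(path_relative_entries "$1")" ] &&
    [ -z "$(path_world_writable_dirs "$1")" ]
}

# --- /etc/securetty --------------------------------------------------
# Print the entries of a securetty-style file that are not local virtual
# consoles (console, ttyN, vc/N). Anything printed deserves a second look,
# since it lets root log in directly on that terminal.
securetty_nonlocal() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' |
    while IFS= read -r tty; do
        case "$tty" in
            console|tty[0-9]*|vc/[0-9]*) ;;
            *) printf '%s\n' "$tty" ;;
        esac
    done
}

# --- Demo on constructed data ----------------------------------------
demo() {
    work=$(mktemp -d)
    mkdir "$work/sbin" "$work/shared"
    chmod 755 "$work/sbin"
    chmod 777 "$work/shared"          # a world-writable directory on PATH

    sample_path="$work/sbin:$work/shared:.:"
    echo "Relative entries:";    path_relative_entries "$sample_path"
    echo "World-writable dirs:"; path_world_writable_dirs "$sample_path"
    path_is_safe "$sample_path" && echo "PATH ok" || echo "PATH unsafe"

    # Constructed securetty: two local consoles plus a serial line and a pty.
    printf 'console\ntty1\ntty2\nttyS0\npts/0\n' > "$work/securetty"
    echo "Non-local securetty entries:"; securetty_nonlocal "$work/securetty"

    rm -rf "$work"
}

demo
```

Run it as an ordinary user against a real value with `path_relative_entries "$PATH"` and `path_world_writable_dirs "$PATH"`; for root's PATH, run the checks from a root shell or pass the value taken from root's profile. The world-writable test deliberately looks only at the directory itself, not at the binaries inside it, which is the case the tip describes (an attacker dropping a new binary into a directory on root's path).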
Security Tip
Written by Dave Wreski (dave@guardiandigital.com)
Additional tips are available at the following URL:
http://www.linuxsecurity.com/tips/
—–
LinuxSecurity Feature Extras:
An Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code – Gary McGraw is perhaps best known for his groundbreaking work on securing software, having co-authored the classic Building Secure Software (Addison-Wesley, 2002). More recently, he has co-written with Greg Hoglund a companion volume, Exploiting Software, which details software security from the vantage point of the other side, the attacker. He has graciously agreed to share some of his insights with all of us at LinuxSecurity.com.
Security Expert Dave Wreski Discusses Open Source Security – Dave Wreski, CEO of Guardian Digital, Inc. and respected author of various hardened security and Linux publications, talks about how Guardian Digital is changing the face of IT security today. Guardian Digital is perhaps best known for their hardened Linux solution EnGarde Secure Linux, touted as the premier secure, open-source platform for its comprehensive array of general purpose services, such as web, FTP, email, DNS, IDS, routing, VPN, firewalling, and much more.
Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
| Distribution | Date | Package | Vulnerability | Summary |
|---|---|---|---|---|
| Conectiva | 8/11/2004 | libpng | Multiple vulnerabilities | Chris Evans found several vulnerabilities in unpatched libpng versions |
| Conectiva | 8/11/2004 | apache | Format string vulnerability | Ralf S. Engelschall found[1] a dangerous call[2] to ssl_log function in |
| Conectiva | 8/13/2004 | squirrelmail | Multiple vulnerabilities | This patch addresses four vulnerabilities in SquirrelMail, including |
| Debian | 8/11/2004 | squirrelmail | Multiple vulnerabilities | This patch addresses multiple Cross Site Scripting and SQL Injection |
| Debian | 8/11/2004 | libpng | Multiple vulnerabilities | This patch addresses a large number of vulnerabilities in libpng. |
| Fedora | 8/11/2004 | kernel | Multiple vulnerabilities | This update kernel for Fedora Core 2 contains the security fixes as |
| Fedora | 8/11/2004 | libpng10 | Multiple vulnerabilities | Multiple libpng vulnerabilities are backpatched to the old 1.0.x libpng |
| Fedora | 8/11/2004 | libpng | Multiple vulnerabilities | This patch fixes numerous buffer overflow and pointer dereference |
| Fedora | 8/11/2004 | kernel | Unsafe pointer vulnerabilities | A local unprivileged user could make use of these flaws to access large |
| Gentoo | 8/11/2004 | MPlayer | Buffer overflow vulnerability | When compiled with GUI support MPlayer is vulnerable to a remotely |
| Gentoo | 8/11/2004 | Courier | Cross-site scripting vulnerability | The SqWebMail web application, included in the Courier suite, is |
| Gentoo | 8/11/2004 | libpng | Multiple vulnerabilities | libpng contains numerous vulnerabilities potentially allowing an |
| Gentoo | 8/11/2004 | PuTTY | Buffer overflow vulnerability | PuTTY contains a vulnerability allowing a SSH server to execute |
| Gentoo | 8/11/2004 | Opera | Multiple vulnerabilities | Several new vulnerabilities were found and fixed in Opera, including |
| Gentoo | 8/11/2004 | SpamAssassin | Denial of service vulnerability | SpamAssassin is vulnerable to a Denial of Service attack when handling |
| Gentoo | 8/11/2004 | Horde-IMP | Input validation vulnerability; Denial of service vulnerability | Horde-IMP fails to properly sanitize email messages that contain |
| Gentoo | 8/11/2004 | Cfengine | Heap corruption vulnerability | Cfengine is vulnerable to a remote root exploit from clients in |
| Gentoo | 8/13/2004 | Roundup | Filesystem access vulnerability | Roundup will make files owned by the user that it's running as |
| Gentoo | 8/13/2004 | gv | Buffer overflow vulnerability | gv contains an exploitable buffer overflow that allows an attacker to |
| Gentoo | 8/13/2004 | Nessus | Race condition vulnerability | Nessus contains a vulnerability allowing a user to perform a privilege |
| Gentoo | 8/13/2004 | Gaim | Buffer overflow vulnerability | Gaim contains a remotely exploitable buffer overflow vulnerability in |
| Gentoo | 8/13/2004 | kdebase, kdelibs | Multiple vulnerabilities; Buffer overflow vulnerability | KDE contains three security issues that can allow an attacker to |
| Mandrake | 8/11/2004 | libpng | Buffer overflow vulnerabilities | Chris Evans discovered numerous vulnerabilities in the libpng graphics |
| Mandrake | 8/11/2004 | shorewall | Insecure temporary file vulnerability | The shorewall package has a vulnerability when creating temporary files |
| Mandrake | 8/13/2004 | gaim | Buffer overflow vulnerabilities | Sebastian Krahmer discovered two remotely exploitable buffer overflow |
| Mandrake | 8/13/2004 | mozilla | Multiple vulnerabilities | A large number of Mozilla vulnerabilities is addressed by this update. |
| Openwall | 8/11/2004 | kernel | Multiple vulnerabilities | This corrects the access control check in the Linux kernel which |
| Red Hat | 8/11/2004 | kernel | Multiple vulnerabilities | Updated kernel packages that fix potential information leaks and a |
| Red Hat | 8/11/2004 | kernel | Multiple vulnerabilities | Updated kernel packages that fix several security issues in Red Hat |
| Red Hat | 8/11/2004 | libpng | Buffer overflow vulnerabilities | An attacker could create a carefully crafted PNG file in such a way |
| Red Hat | 8/11/2004 | GNOME VFS | Multiple vulnerabilities | An attacker who is able to influence a user to open a specially-crafted |
| Red Hat | 8/11/2004 | glibc | Multiple vulnerabilities | Updated glibc packages that fix a security flaw in the resolver as well |
| Red Hat | 8/11/2004 | mozilla | Multiple vulnerabilities | Updated mozilla packages based on version 1.4.3 that fix a number of |
| Red Hat | 8/11/2004 | Ethereal | Multiple vulnerabilities | Updated Ethereal packages that fix various security vulnerabilities are |
| Slackware | 8/11/2004 | libpng | Buffer overflow vulnerabilities | Exploitation could cause program crashes, or possibly allow arbitrary |
| Slackware | 8/11/2004 | mozilla | Multiple vulnerabilities | This is a full upgrade of Mozilla, put in place to remove security |
| Slackware | 8/11/2004 | imagemagick | Buffer overflow vulnerabilities | This imagemagick patch fixes issues with PNG images. |
| Slackware | 8/11/2004 | sox | Buffer overflow vulnerabilities | Fixes buffer overflow security issues that could allow a malicious WAV |
| Suse | 8/6/2004 | libpng | Multiple vulnerabilities | Several different security vulnerabilities were found in the PNG |
| Suse | 8/11/2004 | kernel | Multiple vulnerabilities | This patch fixes a large number of kernel vulnerabilities, including a |
| Suse | 8/12/2004 | gaim | Buffer overflow vulnerabilities | Remote attackers can execute arbitrary code as the user running the |
| Trustix | 8/6/2004 | libpng | Multiple vulnerabilities | This is a roundup patch that fixes all known vulnerabilities with |
| Trustix | 8/11/2004 | kernel | Multiple vulnerabilities | This roundup patch fixes a large number of kernel vulnerabilities. |
| Turbolinux | 8/11/2004 | libpng | Multiple vulnerabilities | Multiple buffer overflows and a potential NULL pointer dereference in |