You have already heard that Linux is safe, and that there are no viruses, no spyware… well, in fact, Linux has one small problem regarding security… YOU! That's right, the problem resides between the keyboard and the chair. So let's start looking at your system in a safer way, learning how stuff works, and not making mistakes in the future.
As you have probably found out, you need a combination of a user name and a password to log in to your system. This security model is the normal behavior, but there are distributions that automatically log you in. I believe this is not giving a damn about security, but that's just me.
When you create a new user, you are provided with a User ID (uid) and a Group ID (gid). These are what is used to control access to files and directories, and also to running processes. Every single file created in your system is owned by a specific user and associated with a certain group. The same goes for processes (running programs): each one of them is controlled by a user and a group, and only the user, or users associated with the group, can control the system resources assigned to this process.
USERS
Like I said before, each new user is assigned a unique User ID (uid). You can check yours by typing id in the CLI. It will output your uid, your gid and the groups that you belong to. Normally when you create a user, you are also assigned a home directory (/home/<user>) and a program that is run when you log in; most of the time this is the shell (e.g. /bin/bash).
Users own the files and directories that they create, and cannot read or access other users' files/directories. If you want to take a look at which users exist on your system, poke through /etc/passwd; here you can see all the usernames and uids.
Your home is just that, yours! You can create, destroy, move, copy… Whatever suits you! Organize it the way you want it, store everything you need. The only limitation to this is either disk space or system quotas. In a safe Linux system, your user, besides his home, will share the /tmp directory with the rest of the world, and nothing else. You could say, what about programs, aren't these also shared? Yes, but later I'll explain how this works.
GROUPS
Following the same philosophy, groups in your system are assigned a unique Group ID (gid), and these are stored inside a special file, /etc/group. Each user is assigned his own private group (with the same name as the username), and normally this is his primary group. Users can belong to several groups, and normally these are secondary group affiliations. Now, you might be asking, what are the primary and secondary groups? The primary group defines the creation mode, so files and directories created by the user will inherit the primary group affiliation. If you intend to create something with a different group, use newgrp <groupname>. From then on, everything you create will have the group that was chosen, until you type exit or CTRL+D.
That's it for now! The ability a user has to use certain directories or access certain files is determined by his permissions (which come along with the uid and gid). This will be discussed later, so stay tuned =)
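
What id reports can be rebuilt by hand from the two files described above, which shows how the uid, the primary group and the secondary groups fit together. The script below is an added example, not part of the original post; the alice and bob accounts, the audio and projects groups, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: rebuild what `id` reports from passwd/group-format files.
# Constructed sample data (not from a real system), same layout as the real files.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/sh
EOF
cat > "$SAMPLE_DIR/group" <<'EOF'
root:x:0:
alice:x:1000:
bob:x:1001:
audio:x:29:alice,bob
projects:x:2000:alice
EOF
# Set these to /etc/passwd and /etc/group to read the live system instead.
PASSWD_FILE="$SAMPLE_DIR/passwd"
GROUP_FILE="$SAMPLE_DIR/group"

# passwd line: name:password:uid:gid:comment:home:shell
user_field() {  # usage: user_field <user> <field-number>
    awk -F: -v u="$1" -v f="$2" '$1 == u { print $f; exit }' "$PASSWD_FILE"
}

# group line: name:password:gid:member1,member2,...
primary_group() {  # the group whose gid is in the user's passwd entry
    awk -F: -v g="$(user_field "$1" 4)" '$3 == g { print $1; exit }' "$GROUP_FILE"
}

secondary_groups() {  # every other group that lists the user as a member
    awk -F: -v u="$1" -v g="$(user_field "$1" 4)" '
        $3 != g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] == u) { out = out sep $1; sep = ","; break }
        }
        END { print out }' "$GROUP_FILE"
}

describe_user() {
    uid=$(user_field "$1" 3)
    [ -n "$uid" ] || { echo "no such user: $1" >&2; return 1; }
    printf 'uid=%s gid=%s(%s) groups=%s home=%s shell=%s\n' "$uid" \
        "$(user_field "$1" 4)" "$(primary_group "$1")" "$(secondary_groups "$1")" \
        "$(user_field "$1" 6)" "$(user_field "$1" 7)"
}

describe_user alice
describe_user bob
```

The primary group comes from the gid field of the user's own /etc/passwd line, while secondary groups only show up as member lists in /etc/group, so both files have to be read to see a user's full set of groups.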
