home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Practical UNIX & Internet Security

Practical UNIX & Internet SecuritySearch this book
Previous: 4.3 su: Changing Who You Claim to Be Chapter 4
Users, Groups, and the Superuser
Next: 5. The UNIX Filesystem

4.4 Summary

Every account on your UNIX system should have a unique UID . This UID is used by the system to determine access rights to various files and services. Users should have unique UID s so their actions can be audited and controlled.

Each account also belongs to one or more groups, represented by GID s. You can use group memberships to designate access to resources shared by more than one user.

Your computer has a special account called root , which has complete control over the system. Be sure to limit who has access to the root account, and routinely check for bad su attempts. If possible, you should have all of the machines on your network log bad su attempts to a specially appointed secure machine. Each computer on your network should have a different superuser password.

Previous: 4.3 su: Changing Who You Claim to Be Practical UNIX & Internet Security Next: 5. The UNIX Filesystem
4.3 su: Changing Who You Claim to Be Book Index 5. The UNIX Filesystem