IT Security Blog

Root access and security

By

root prompt

This is something that is not really new news but it is important nonetheless. For Linux users, there are certain things that you cannot do if you do not have what is called ‘root access.’ Basically, if you are not the super user or admin, you will not have access to certain commands.

Why restrict access?

There are certain applications which you would not want your users to install on their computers. Take for example peer to peer apps. If you allow your users the permission to install them, you could have some people sucking up the bandwidth. In a company wherein downloads of files from clients are important for your daily operations, this is a scenario you would like to avoid. If there are users with such apps, you would have to really trace them and monitor them so you would be able to cut down their internet access. Also, another thing is that they might unintentionally download some things that would let your system be infiltrated by worms and all that.

Sudo and sudoers
One way that you could give users a bit of access as admin is to put them in a sudoers list. Sudo is the command to let a user act as if he is the super user or root. The nice thing about it this is that there is also control as to which commands in particular could be run by certain users. If you will use create a list of sudoers, or those users who will have sudo access, you have to use visudo or sudoedit because there is a particular format for the /etc/sudoers file.

[tags]linux,security,access[/tags]

Novell: Secure your system with AppArmor

By

AppArmor

Novell would like to release a Linux with security management made easy according to the news on Security Focus. They have decided to not use security modifications by the National Security Agency because of the difficulty in configuring it. They have with it AppArmor though.

According to an article on Security Focus, the latest additions to SuSE Linux Enterprise Desktop (SLED) have been discussed in LinuxWorld. The focus was on AppArmor.

What’s up with AppArmor?

The AppArmor will be concerned with making access a bit more restrictive. There are some applications which need root access — these applications could make changes that would affect the entire system and if you want to make sure it would not happen, AppArmor could be the way for you to restrict access.

It is said to be that it is easy to use. Aside from that your system could be protected from internal and external attacks. This would be a plus factor, especially if you think about the costs of recovering from attacks that could affect your data.

How simple is simple?

  • You have a name-based access control system.
  • There is a graphical user interface.
  • There are predefined profiles.
  • There are wizards you could use to build security profiles for third party applications.

Check it out

Novell Linux is surely geared towards the users in the enterprise. If you want something that has a robust set of open source applications, a good user interface and tools, it is definitely one to try. You might not enjoy tweaking around too much and from the looks of things, SLED could be the Linux to give you an easy transition, in case you are migrating from proprietary to open source software.

[tags]novell,linux,security,applications[/tags]

Windows, Mac OSX, Linux — which is more secure?

By

all three logos

There have been many flame wars, there have been different studies made regarding the security of each operating system mentioned in the title. The studies are sometimes said to be biased because it depends on what organization or company has funded the studies. At the end of the day, however, we must realize that no matter what operating system we use on our computers, we should be responsible enough to download security patches and the like.

Sometimes articles and threads on forums and blogs end up in fanaticism. Some of the points raised when it comes to vulnerability and operating systems would be:

The popularity of the operating system
Take for example Windows. It is probably the most popular operating system and some say that that is one of the main reasons why it is most attacked by hackers and creators of malware. They say that there is no point in attacking an operating system that is not used by many. The logic, they say, is that if you are going to do something, make sure it will be something big. (This is why there are people who seem to insist on getting a Mac — more stable and secure that way, as they say.)

Linux, BSD are operating systems that you can’t even run right away/properly/(insert phrase here)…
It sounds so petty, doesn’t it? But there are those who argue with Linux and BSD users that the difficulty with their operating system is that it is not easy to run it. Would an average computer users be able to use it and run it without much fiddling around? Truth be told, it looks like it is possible. But that depends on which Linux distribution you would run. In any case, the argument is more along the lines of “If you can’t even have the OS running properly, who would bother attacking it?”

Everyone must learn how to set up security measures. Be it setting up a firewall, being careful about which sites to check out, downloading patches — each of us will have different needs and we will have different experiences.

[tags]security, windows,linux,mac[/tags]