Depends on where the are in the system. In their home drive yes. But in root
and /sur/bin not usally.
But when you type ls -all you see the file rights and then you know if a
person and a group may delete of edit files.
But I know from all Linux distributions that users cannot dammage the system
accedently even taking actions on purpose is not very easy.
< 1K Download
First, you'll want to make sure that you don't have any stray suid
programs. Do a 'find / -perm +4000 -print' to see all the suid
programs on your system. If any of them don't *need* to be suid,
change their permissions to be normal (ie, 'chmod 755 <filename>').
Programs that use SVGALib (such as zgv, DOOM, Quake, etc) need to
be suid if you want normal users to be able to use them. If you
don't care about normal users being able to use these programs,
then strip them of the suid bit. The XFree86 X servers no longer
need to be suid root, just a wrapper script. I'm pretty sure that
Red Hat 5.1 shipped with the wrapper script, but if it didn't, go
to ftp.redhat.com and get the updated XFree86 packages. There are
a couple programs, like ping and traceroute, that need to be suid
root if you want normal users to be able to use them. You don't
*have* to give them access to these programs, though.
By default I don't think Red Hat uses shadow passwords. You'll want
to enable them. Type in 'pwconv' to convert your old password file
to shadow password style. This will make your system much more
secure, since normal users won't be able to copy the encrypted
passwords from /etc/password and crack them.
You'll also probably want to mess with limiting the resources a user
can use up. You can use disk quotas to keep one user from filling
up your entire /home partition, and you can use ulimit (bash) or
limit (tcsh) to limit the amount of processes or memory that can
be allocated. Remember to people give people enough room to get
work done. Setting draconian limits will make your system unusable.
See the man pages for bash and tcsh for instructions on how to set
That should at least get you started.
They are then users on the system. If you do not give them rootQuote:>If I add a user to a RedHat 5.1 box, and they telnet to the system, will
>they be able to cause any damage to the system, e.g. - delete files, run
I set up a Redhat 5.1 box as an experiment, intending to operate it
alongside my FreeBSD box. I haven't done much with it beyond some
performance testing. It doesn't carry any software other than the packages
provided with Redhat 5.1. I've never had a successful hack attempt with any
version of FreeBSD, however after being up a few days, this shows in
"laston -a -d" on the Redhat box.
cigna ttyp1 Sun Nov 15 11:50 - 11:56 (00:05)
User "cigna" was not created by me, and doesn't show up in my password file.
The password file does however, carry a suspicious modification date.
Additionally, the message log shows the following:
(Note that genesis.newtoy.com is not one of my machines, and 22.214.171.124
is not the IP of www.newtoy.com, so I suspect that I'm being delivered
forged name service responses. I would hope that named is intelligent enough
to discard these?)
Nov 15 10:56:25 green named: ns_resp: query(genesis.newtoy.com)
contains our address (NS1.NEWTOY.COM:126.96.36.199)
Nov 15 10:57:08 green identd: from: 188.8.131.52
( ffml.fanfic.com ) for: 4233, 8888
Nov 15 10:57:08 green identd: Successful lookup: 4233 , 8888 :
Nov 15 11:19:37 green named: ns_forw: query(www.newtoy.com) contains
our address (NS1.NEWTOY.COM:184.108.40.206)
Nov 15 11:40:30 green identd: Successful lookup: 5182 , 23 :
Nov 15 11:48:07 green kernel: Appletalk 0.17 for Linux NET3.035
Nov 15 11:50:32 green PAM_pwdb: (login) session opened for user cigna
Nov 15 11:50:32 green login: LOGIN ON ttyp1 BY cigna FROM
I'd appreciate any suggestions or explanations as to exactly what this