COHERENT manpages
This page displays the COHERENT manpage for security [System Administration].
security -- System Administration

Because COHERENT is a multi-user, multi-tasking operating system which can support users from remote terminals, steps must be taken to ensure that the system is secure. Sensitive information that is stored on the system must be protected from being read or copied by unauthorized persons; files must be protected against vandalization by intruders. Unless a reasonable degree of security can be guaranteed, no multi-user operating system can be trusted to archive important information.

In one sense, it is easy to achieve perfect security in a computer system. As Grampp and Morris have noted, ``It is easy to run a secure computer system. You merely disconnect all dial-up connections, put the machine and its terminals in a shielded room, and post a guard at the door.'' For practical uses, however, security means balancing ease of access against restrictiveness: users should have easy access to what is properly theirs, and should be barred from system facilities that do not belong to them.

The COHERENT system has the following tools to assist with security.

Passwords

Every user account can be ``locked'' with a password. Each user can assign her own password, and the system administrator can set passwords for the superusers root and bin. Passwords should be changed frequently. A password should have at least six characters, should not be a common name or word, and preferably should include a mixture of upper- and lower-case letters, to prevent decryption by brute-force methods. Passwords should be guarded jealously. In particular, the password for the superuser root should be kept secret, as she can read every file and execute every program throughout the system.

Permissions

Execution of system-level programs, such as mount, is restricted to the superuser root. This prevents intruders from seizing superuser permissions through unauthorized manipulation of system services.
Ordinary users are also restricted from directly accessing system devices, for the same reason.

One potential hole in security is setting the setuid bit on programs that are owned by the superuser root. Setting this bit grants superuser privileges to whoever runs the program. Two commands often have this bit set: /etc/enable and /etc/disable. This is done to permit users, in particular user uucp, to enable and disable a port. This, however, permits any user to enable or disable a device -- including the console device, which means that a cracker who breaks into your system could lock you out of it if she wished. The lesson is that you should not set the setuid bit on any program that is owned by root unless you have an excellent reason to do so.

Encryption

The command crypt performs rotary encryption, similar to that used by the German Enigma machine. Files of sensitive information should be encrypted, to protect them against being read by unauthorized persons. Note that encryption is the only true defense against unauthorized reading: not even the superuser can read an encrypted file unless she has the encryption key.

Many COHERENT systems have only one user and are not networked; for such installations, the normal level of security may be an annoyance. Passwords can be turned off by using the command passwd to set the password to <return>. The command chmod can be used to widen access to devices and system-level utilities; see the Lexicon entry for chmod for more information on file access.

Security ultimately is a system-wide responsibility. To quote Grampp and Morris, ``By far, the greatest security hazard for a system ... is the set of people who use it. If the people who use a machine are naive about security issues, the machine will be vulnerable regardless of what is done by the local management.
This applies particularly to the system's administrators, but ordinary users should also take heed.''

See Also

Administering COHERENT, chmod, crypt, login, passwd

Grampp, F.T., Morris, R.H.: UNIX operating system security. AT&T Bell Lab Tech J 1984;8:1649-1672.
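
Added example (not part of the original COHERENT manual page): a POSIX shell function that carries out the review implied under Permissions, listing setuid files owned by root that are not on an approved list. The function name, its arguments and the allowlist file format are assumptions, and the find and grep options used are those of current POSIX systems, not necessarily those of COHERENT.

```shell
#!/bin/sh
# Added example: report setuid files owned by a given user that are not on
# an approved list. Name, arguments and allowlist format are assumptions.
#
# usage: audit_setuid DIR [OWNER] [ALLOWLIST]
#   DIR        tree to scan, for example / or /etc
#   OWNER      user name or numeric uid (default: root)
#   ALLOWLIST  file with one approved absolute path per line; lines that
#              start with '#' never match a path, so they act as comments
# exit status: 0 nothing unapproved, 1 unapproved files listed on stdout,
#              2 the allowlist could not be read
audit_setuid() {
    dir=$1
    owner=${2:-root}
    allow=${3:-/dev/null}

    # Refuse to run without a readable allowlist. Otherwise grep would fail,
    # print nothing, and the audit would wrongly look clean.
    if [ ! -r "$allow" ]; then
        echo "audit_setuid: cannot read allowlist $allow" >&2
        return 2
    fi

    # -perm -4000 selects files with the setuid bit set, -type f skips
    # directories and devices, -xdev stays on one filesystem.
    # grep -F -x -v -f drops every path that exactly matches an allowlist line.
    unapproved=$(
        find "$dir" -xdev -type f -user "$owner" -perm -4000 -print 2>/dev/null |
        sort |
        grep -F -x -v -f "$allow" || true
    )

    if [ -z "$unapproved" ]; then
        return 0
    fi
    printf '%s\n' "$unapproved"
    return 1
}
```

Run it from cron with an allowlist that names only the programs that have an excellent reason to be setuid, and treat any output as a change to investigate.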