This document covers some of the main issues that affect Linux
security. General philosophy and net-born resources are discussed.
A number of other HOWTO documents overlap with security issues, and
those documents have been pointed to wherever appropriate.
This document is not meant to be a up-to-date exploits
document. Large numbers of new exploits happen all the time. This
document will tell you where to look for such up-to-date information,
and will give some general methods to prevent such exploits from taking
1.1. New Versions of this Document
New versions of this document will be periodically posted to comp.os.linux.answers.
They will also be added to the various sites that archive such
The very latest version of this document should also be available in
various formats from:
All comments, error reports, additional information and criticism of
all sorts should be directed to:
Note: Please send your feedback to both authors.
Also, be sure and include "Linux" "security", or "HOWTO" in your
subject to avoid Kevin's spam filter.
No liability for the contents of this document can be accepted. Use
the concepts, examples and other content at your own risk.
Additionally, this is an early version, possibly with many inaccuracies
A number of the examples and descriptions use the RedHat(tm) package
layout and system setup. Your mileage may vary.
As far as we know, only programs that, under certain terms may be
used or evaluated for personal purposes will be described. Most of the
programs will be available, complete with source, under GNU
1.4. Copyright Information
This document is copyrighted (c)1998-2005 Kevin Fenzi and Dave
Wreski, and distributed under the following terms:
Linux HOWTO documents may be reproduced and distributed in whole
or in part, in any medium, physical or electronic, as long as this
copyright notice is retained on all copies. Commercial redistribution
is allowed and encouraged; however, the authors would like to be
notified of any such distributions.
All translations, derivative works, or aggregate works
incorporating any Linux HOWTO documents must be covered under this
copyright notice. That is, you may not produce a derivative work from a
HOWTO and impose additional restrictions on its distribution.
Exceptions to these rules may be granted under certain conditions;
please contact the Linux HOWTO coordinator at the address given below.
If you have questions, please contact Tim Bynum, the Linux HOWTO
1.5 Author Information
v2.3, 22 January 2004
This document is a general overview of security issues that face the
administrator of Linux systems. It covers general security philosophy
and a number of specific examples of how to better secure your Linux
system from intruders. Also included are pointers to security-related
material and programs. Improvements, constructive criticism, additions
and corrections are gratefully accepted. Please mail your feedback to
both authors, with "Security HOWTO" in the subject.