Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Mail Systems
Eclipse Documentation

How To Guides
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Problem Solutions
Privacy Policy





Back in section 7.1 on page [*], we discussed file permissions in Linux. This is a fundamental way to keep your system secure. If you are running a multi-user system or a server, it is important to make sure that permissions are correct. A good rule of thumb is to set files to have the minimum permissions necessary for use.

If you are running a network server, there are some other things to be aware of as well. First, you ought to uninstall or turn off any network services you're not using. A good place to start is the file /etc/inetd.conf; you can probably disable some of these. For most network services, it's also possible to control who has access to them; the /etc/hosts.allow and /etc/hosts.deny files (documented in man 5 hosts_access) can control who has access to which services. You also ought to keep up-to-date with patches or updates to Debian; these can be found on your nearest Debian FTP mirror.

Some other commonsense rules apply:

  • Never tell anyone your password.
  • Never send your password in cleartext across the Internet by using something like telnet or FTP. Instead, use encrypted protocols or avoid logging in remotely.
  • Avoid using root as much as possible.
  • Don't install untrusted software, and don't install it as root.
  • Avoid making things world-writable whenever possible. /tmp is one exception to this rule.
While this is probably not of as much use to somebody not running a server, it is still pays to know a bit about security. Debian's security mechanism is what protects your system from many viruses.

John Goerzen / Ossama Othman

  Published under the terms of the GNU General Public License Design by Interspire