Security How To (part 1)

Introduction
This document covers some of the main issues that affect Linux security. General
philosophy and net-born resources are discussed.
A number of other HOWTO documents overlap with security issues, and those documents
have been pointed to wherever appropriate.
This document is not meant to be a up-to-date exploits document. Large numbers of
new exploits happen all the time. This document will tell you where to look for such
up-to-date informati

New Versions of this Document
New versions of this document will be periodically posted to comp.os.linux.answers.
They will also be added to the various sites that archive such information, including:
http://www.linuxdoc.org/
The very latest version of this document should also be available in various formats
from:
• http://scrye.com/~kevin/lsh/
• http://www.linuxsecurity.com/docs/Security-HOWTO
• http://www.tummy.com/security-howto
Feedback
All comments, error reports, additional information and criticism of all sorts should
be directed to:
kevin-securityhowto@tummy.com5
and
dave@linuxsecurity.com6
Note: Please send your feedback to both authors. Also, be sure and include "Linux"
"security", or "HOWTO" in your subject to avoid Kevin’s spam filter.
Disclaimer
No liability for the contents of this document can be accepted. Use the concepts, examples
and other content at your own risk. Additionally, this is an early version,
possibly with many inaccuracies or errors.
A number of the examples and descriptions use the RedHat(tm) package layout and
system setup. Your mileage may vary.
As far as we know, only programs that, under certain terms may be used or evaluated
for personal purposes will be described. Most of the programs will be available,
complete with source, under GNU7 terms.
Copyright Information
This document is copyrighted (c)1998-2000 Kevin Fenzi and Dave Wreski, and distributed
under the following terms:
3
• Linux HOWTO documents may be reproduced and distributed in whole or in part,
in any medium, physical or electronic, as long as this copyright notice is retained
on all copies. Commercial redistribution is allowed and encouraged; however, the
authors would like to be notified of any such distributions.
• All translations, derivative works, or aggregate works incorporating any Linux
HOWTO documents must be covered under this copyright notice. That is, you
may not produce a derivative work from a HOWTO and impose additional restrictions
on its distribution. Exceptions to these rules may be granted under certain
conditions; please contact the Linux HOWTO coordinator at the address given below.
• If you have questions, please contact Tim Bynum, the Linux HOWTO coordinator,
at
tjbynum@metalab.unc.edu8