Questions tagged [unix]

Unix is a family of multiuser, multitasking operating system that is widely used in workstations, servers and embedded devices. The best-known Unix variant is Linux.

Unix is a family of multiuser, multitasking operating systems found on many servers, workstations, network equipment and other embedded devices. Unix variants include linux, macosx, openbsd, solaris, and more. Use the tag unix for questions that are about Unix-like systems in general; if your question is about a specific operating system (Linux, OpenBSD, …), use the tag for that system. For functional questions (“How do I use this tool which is not specifically a security tool?”), try asking on our sister site Unix & Linux.

In the core Unix security model, roles are described in terms of users (who are typically either physical users or system services) and groups. The permissions of an application are those of the user executing it. Some programs run with elevated privileges through the setuid/setgid mechanism.

Resources such as data files, programs and devices are accessed through files. In the traditional Unix model, each file has an owner and group, and the owner, group and others are granted separate permissions (read/write/execute). Many modern Unix systems provide access control lists and other extensions to the basic model.

151 questions

votes

2 answers

Does glibc2 version of the crypt function still use DES for alternative hashing methods?

I'm trying to understand how typical Linux distributions generate the password field for entries in /etc/shadow. I can't figure out what encryption algorithm is being used to produce the encrypted password string. For…

passwords cryptography hash linux unix

asked May 16 '13 at 14:12

Vilhelm Gray

votes

2 answers

OBSD X11 as non-root?

If running X11 as root is not a very good idea, then can anyone mention a method/solution, how to still use a GUI, and not having X11 as root?

operating-systems unix openbsd privileged-account

asked May 03 '11 at 05:51

LanceBaynes

6,149
11
60
91

votes

0 answers

GPG Agent SSH Forward Pinentry

I have GPG agent forwarding via SSH RemoteForward working up to a point. I can list my private and public keys on the remote host. If I try to decrypt a file remotely, the PIN is prompted for but the text is stepped, garbled and the passphrase…

gnupg macos unix openssh centos

asked Sep 12 '20 at 09:32

ephemeric

votes

5 answers

Security purpose of asking admin password to mount partition on Linux

So I divided my 250GB laptop drive into 2 partitions and some swap. On the second partition which is an ext4 60GB partition I installed Fedora 17. On the other bigger NTFS partition I've got Win XP and files I use when running both operating…

linux access-control unix file-system permissions

asked Sep 27 '12 at 06:27

Happy

votes

1 answer

Is the mount manpage saying nosuid is secure, or is not?

I'm a bit confused about the description of nosuid in the mount manpage on this RedHat system I'm setting up: nosuid Do not allow set-user-identifier or set-group-identifier bits to take effect. (This seems safe, but is in fact rather…

unix file-system

asked Sep 11 '12 at 19:49

kojiro

votes

3 answers

Are environment variables entered directly before a command visible to other users?

UPDATE: I know that environment variables are generally secure, and am familiar with this question. My question is can other users see them if they are entered as part of a command (same line, no semi-colon), seeing as command line options are not…

unix

asked Sep 27 '16 at 22:17

Neil McGuigan

3,379
1
16
20

votes

2 answers

vulnerable getlogin

I was reading "A taxonomy of Coding Errors" and I have a doubt regarding the point mentioned in C/C++ >> API Abuse >> Often Misused: Authentication(getlogin). I fail to understand the attack vector mentioned there. To quote a statement - The…

appsec linux source-code unix c

asked Mar 15 '12 at 18:23

user1187

votes

2 answers

Default accounts shutdown, halt, and sync - still shipping?

I'm curious as to whether, and if so why, Unix and Linux distributions still ship with default accounts shutdown, halt and sync. Specifically (from a Red Hat…

linux unix privileged-account

asked Apr 22 '16 at 18:14

Mike McManus

1,415
10
17

votes

2 answers

sharing private key sTunnel

All of the sTunnel guides and implementations at work do the same thing, they say once the private key and the public cert are created on the server, you need to cat them together and then share with the client host. While this makes perfect sense…

encryption public-key-infrastructure openssl unix

asked Feb 03 '16 at 15:23

Jamie

votes

1 answer

How to recover/log attempted passwords from a failed login

I saw the following question before: Is it legal to log passwords from failed logins? I think it raises another question: How do I log failed attempted passwords? That seems very useful when I need to check if someone is socially engineering his way…

windows unix social-engineering

asked Nov 14 '15 at 16:49

vianna77

votes

3 answers

How to detect port scan on SIEM within LAN or same Network?

Let's suppose a host machine in the client environment has been infected and its performing port scanning on other machine within the LAN or same Network without passing through Firewall: On what basis we can write an Alert in SIEM Tool to catch…

windows unix siem

asked Jul 31 '15 at 06:33

santosh407

votes

1 answer

explanation of an nmap behaviour

I'm testing some vulnerabilities on a machine which has the port 22333 opened (it's used as the ssh port, and I can connect to it without any problem and the telned command get connected): $ telnet x.x.x.x 22333 Trying x.x.x.x... Connected to…

attack-prevention ports nmap unix

asked Jun 03 '15 at 18:01

Toni

votes

3 answers

Security Implications of setting passwd as suid

When the passwd command is executed, it runs as the root user. Can't this be exploited? If not, why?

exploit unix

asked Jul 31 '11 at 16:47

ADJ

votes

2 answers

Sun ILOM / Out of band management security concerns

I would like to get some outside opinion on this if possible, although I do not know what to ask. Sun ILOM is an Out-of-band management system. I understand it is a separate OS on the box that is always on. It is able to access Keyboard Monitor…

operating-systems attacks hardware unix

asked Jul 18 '11 at 20:37

700 Software

13,807
3
52
82

votes

4 answers

Why are people saying that the X Window System is not secure?

Why are people saying that the X Window System is not secure? The OpenBSD team succeeded with privilege separation in 2003; why didn't the "Linux developers" do this? To be clear: What security design flaws does X have? Why don't the Linux…

linux unix

asked Jun 19 '11 at 18:42

LanceBaynes

6,149
11
60
91

Prev 1 2 3

…

10 11 Next