HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   File Permissions (http://www.howtoforge.com/forums/showthread.php?t=24531)

demonize 26th June 2008 20:11

File Permissions
 
I would like to know if setting permissions like below on any linux distros mostly servers is good:


-- File Permissions --

Obscurity:
chattr +i /etc/exports
chattr +i /etc/hosts.equiv
chattr +i /etc/hosts.lpd
chattr +i /etc/inetd.conf
chattr +i /etc/lilo.conf
chattr +i /etc/login.access
chattr +i /etc/login.defs
chattr +i /etc/porttime
chattr +i /etc/protocols
chattr +i /etc/securetty
chattr +i /etc/services
chattr +i /etc/suauth

man chattr

Remove unneeded files:
rm /etc/csh.login

man tcsh

chmod a long list of files:
chmod 750 /bin/mt-st
chmod 600 /etc/ftpusers
chmod 600 /etc/hosts.allow
chmod 600 /etc/hosts.deny
chmod 600 /etc/inetd.conf
chmod 600 /etc/inittab
chmod 600 /etc/lilo.conf
chmod 600 /etc/login.defs
chmod 600 /etc/securetty
chmod 600 /etc/suauth
chmod 440 /etc/sudoers
chmod 600 /etc/syslog.conf
chmod 750 /sbin/badblocks
chmod 750 /sbin/debugfs
chmod 750 /sbin/depmod
chmod 750 /sbin/dumpe2fs
chmod 750 /sbin/explodepkg
chmod 750 /sbin/fdisk
chmod 750 /sbin/fsck
chmod 750 /sbin/fsck.ext2
chmod 750 /sbin/fsck.minix
chmod 750 /sbin/ftl_check
chmod 750 /sbin/ftl_format
chmod 750 /sbin/halt
chmod 750 /sbin/hwclock
chmod 750 /sbin/ifconfig
chmod 750 /sbin/ifport
chmod 750 /sbin/ifuser
chmod 750 /sbin/init
chmod 750 /sbin/insmod
chmod 750 /sbin/installpkg
chmod 750 /sbin/isapnp
chmod 750 /sbin/killall5
chmod 750 /sbin/lilo
chmod 750 /sbin/makepkg
chmod 750 /sbin/mke2fs
chmod 750 /sbin/mkfs
chmod 750 /sbin/mkfs.minix
chmod 750 /sbin/mkdosfs
chmod 750 /sbin/mkraid
chmod 750 /sbin/mkswap
chmod 750 /sbin/modinfo
chmod 750 /sbin/netconfig.color
chmod 750 /sbin/netconfig.tty
chmod 750 /sbin/pkgtool
chmod 750 /sbin/pnpdump
chmod 750 /sbin/removepkg
chmod 750 /sbin/rpc.portmap
chmod 750 /sbin/quotaon
chmod 750 /sbin/rdev
chmod 750 /sbin/runlevel
chmod 750 /sbin/setserial
chmod 750 /sbin/swapon
chmod 750 /sbin/tune2fs
chmod 750 /sbin/upgradepkg
chmod 750 /sbin/uugetty
chmod 750 /usr/bin/eject
chmod 4750 /usr/bin/gpasswd
chmod 750 /usr/bin/lpq
chmod 750 /usr/bin/lprm
chmod 4750 /usr/bin/lpr
chmod 750 /usr/bin/minicom
chmod 700 /usr/bin/nohup
chmod 700 /usr/bin/script
chmod 500 /usr/lib/news/bin/inndstart
chmod 500 /usr/lib/news/bin/startinnfeed
chmod 750 /usr/lib/setup/cpkgtool
chmod 750 /usr/lib/setup/hdsetup
chmod 750 /usr/sbin/atd
chmod 750 /usr/sbin/atrun
chmod 750 /usr/sbin/crond
chmod 750 /usr/sbin/ctrlaltdel
chmod 750 /usr/sbin/dhcpd
chmod 750 /usr/sbin/dhcrelay
chmod 750 /usr/sbin/edquota
chmod 750 /usr/sbin/groupadd
chmod 750 /usr/sbin/groupdel
chmod 750 /usr/sbin/groupmod
chmod 750 /usr/sbin/grpck
chmod 750 /usr/sbin/grpconv
chmod 750 /usr/sbin/grpunconv
chmod 750 /usr/sbin/hdparm
chmod 750 /usr/sbin/imapd
chmod 750 /usr/sbin/in.comsat
chmod 755 /usr/sbin/in.fingerd
chmod 755 /usr/sbin/in.identd
chmod 750 /usr/sbin/in.talkd
chmod 000 /usr/sbin/in.rexecd
chmod 000 /usr/sbin/in.rlogind
chmod 000 /usr/sbin/in.rshd
chmod 750 /usr/sbin/in.telnetd
chmod 000 /usr/sbin/in.tftpd
chmod 750 /usr/sbin/in.timed
chmod 750 /usr/sbin/inetd
chmod 750 /usr/sbin/ipop3d
chmod 750 /usr/sbin/klogd
chmod 2750 /usr/sbin/lpc
chmod 740 /usr/sbin/lpd
chmod 750 /usr/sbin/lpf
chmod 550 /usr/sbin/makemap
chmod 750 /usr/sbin/mouseconfig
chmod 750 /usr/sbin/named
chmod 750 /usr/sbin/newusers
chmod 750 /usr/sbin/nmbd
chmod 750 /usr/sbin/ntpdate
chmod 750 /usr/sbin/ntpq
chmod 750 /usr/sbin/ntptime
chmod 750 /usr/sbin/ntptrace
chmod 750 /usr/sbin/pppd
chmod 750 /usr/sbin/pwck
chmod 750 /usr/sbin/pwconv
chmod 750 /usr/sbin/pwunconv
chmod 550 /usr/sbin/quotastats
chmod 750 /usr/sbin/rpc.bootparamd
chmod 750 /usr/sbin/rpc.mountd
chmod 750 /usr/sbin/rpc.nfsd
chmod 750 /usr/sbin/rpc.rusersd
chmod 750 /usr/sbin/rpc.rwalld
chmod 750 /usr/sbin/rpc.yppasswdd
chmod 750 /usr/sbin/rpc.ypxfrd
chmod 750 /usr/sbin/rpcinfo
chmod 750 /usr/sbin/showmount
chmod 750 /usr/sbin/smbd
chmod 750 /usr/sbin/syslogd
chmod 750 /usr/sbin/tcpd
chmod 750 /usr/sbin/tcpdchk
chmod 750 /usr/sbin/tcpdmatch
chmod 750 /usr/sbin/tcpdump
chmod 750 /usr/sbin/timeconfig
chmod 750 /usr/sbin/useradd
chmod 750 /usr/sbin/userdel
chmod 750 /usr/sbin/usermod
chmod 750 /usr/sbin/vipw


All times are GMT +2. The time now is 13:16.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.