#1  
Old 26th June 2008, 20:11
demonize demonize is offline
Junior Member
 
Join Date: Jun 2008
Posts: 3
Thanks: 0
Thanked 1 Time in 1 Post
 
Default File Permissions

I would like to know if setting permissions like below on any linux distros mostly servers is good:


-- File Permissions --

Obscurity:
chattr +i /etc/exports
chattr +i /etc/hosts.equiv
chattr +i /etc/hosts.lpd
chattr +i /etc/inetd.conf
chattr +i /etc/lilo.conf
chattr +i /etc/login.access
chattr +i /etc/login.defs
chattr +i /etc/porttime
chattr +i /etc/protocols
chattr +i /etc/securetty
chattr +i /etc/services
chattr +i /etc/suauth

man chattr

Remove unneeded files:
rm /etc/csh.login

man tcsh

chmod a long list of files:
chmod 750 /bin/mt-st
chmod 600 /etc/ftpusers
chmod 600 /etc/hosts.allow
chmod 600 /etc/hosts.deny
chmod 600 /etc/inetd.conf
chmod 600 /etc/inittab
chmod 600 /etc/lilo.conf
chmod 600 /etc/login.defs
chmod 600 /etc/securetty
chmod 600 /etc/suauth
chmod 440 /etc/sudoers
chmod 600 /etc/syslog.conf
chmod 750 /sbin/badblocks
chmod 750 /sbin/debugfs
chmod 750 /sbin/depmod
chmod 750 /sbin/dumpe2fs
chmod 750 /sbin/explodepkg
chmod 750 /sbin/fdisk
chmod 750 /sbin/fsck
chmod 750 /sbin/fsck.ext2
chmod 750 /sbin/fsck.minix
chmod 750 /sbin/ftl_check
chmod 750 /sbin/ftl_format
chmod 750 /sbin/halt
chmod 750 /sbin/hwclock
chmod 750 /sbin/ifconfig
chmod 750 /sbin/ifport
chmod 750 /sbin/ifuser
chmod 750 /sbin/init
chmod 750 /sbin/insmod
chmod 750 /sbin/installpkg
chmod 750 /sbin/isapnp
chmod 750 /sbin/killall5
chmod 750 /sbin/lilo
chmod 750 /sbin/makepkg
chmod 750 /sbin/mke2fs
chmod 750 /sbin/mkfs
chmod 750 /sbin/mkfs.minix
chmod 750 /sbin/mkdosfs
chmod 750 /sbin/mkraid
chmod 750 /sbin/mkswap
chmod 750 /sbin/modinfo
chmod 750 /sbin/netconfig.color
chmod 750 /sbin/netconfig.tty
chmod 750 /sbin/pkgtool
chmod 750 /sbin/pnpdump
chmod 750 /sbin/removepkg
chmod 750 /sbin/rpc.portmap
chmod 750 /sbin/quotaon
chmod 750 /sbin/rdev
chmod 750 /sbin/runlevel
chmod 750 /sbin/setserial
chmod 750 /sbin/swapon
chmod 750 /sbin/tune2fs
chmod 750 /sbin/upgradepkg
chmod 750 /sbin/uugetty
chmod 750 /usr/bin/eject
chmod 4750 /usr/bin/gpasswd
chmod 750 /usr/bin/lpq
chmod 750 /usr/bin/lprm
chmod 4750 /usr/bin/lpr
chmod 750 /usr/bin/minicom
chmod 700 /usr/bin/nohup
chmod 700 /usr/bin/script
chmod 500 /usr/lib/news/bin/inndstart
chmod 500 /usr/lib/news/bin/startinnfeed
chmod 750 /usr/lib/setup/cpkgtool
chmod 750 /usr/lib/setup/hdsetup
chmod 750 /usr/sbin/atd
chmod 750 /usr/sbin/atrun
chmod 750 /usr/sbin/crond
chmod 750 /usr/sbin/ctrlaltdel
chmod 750 /usr/sbin/dhcpd
chmod 750 /usr/sbin/dhcrelay
chmod 750 /usr/sbin/edquota
chmod 750 /usr/sbin/groupadd
chmod 750 /usr/sbin/groupdel
chmod 750 /usr/sbin/groupmod
chmod 750 /usr/sbin/grpck
chmod 750 /usr/sbin/grpconv
chmod 750 /usr/sbin/grpunconv
chmod 750 /usr/sbin/hdparm
chmod 750 /usr/sbin/imapd
chmod 750 /usr/sbin/in.comsat
chmod 755 /usr/sbin/in.fingerd
chmod 755 /usr/sbin/in.identd
chmod 750 /usr/sbin/in.talkd
chmod 000 /usr/sbin/in.rexecd
chmod 000 /usr/sbin/in.rlogind
chmod 000 /usr/sbin/in.rshd
chmod 750 /usr/sbin/in.telnetd
chmod 000 /usr/sbin/in.tftpd
chmod 750 /usr/sbin/in.timed
chmod 750 /usr/sbin/inetd
chmod 750 /usr/sbin/ipop3d
chmod 750 /usr/sbin/klogd
chmod 2750 /usr/sbin/lpc
chmod 740 /usr/sbin/lpd
chmod 750 /usr/sbin/lpf
chmod 550 /usr/sbin/makemap
chmod 750 /usr/sbin/mouseconfig
chmod 750 /usr/sbin/named
chmod 750 /usr/sbin/newusers
chmod 750 /usr/sbin/nmbd
chmod 750 /usr/sbin/ntpdate
chmod 750 /usr/sbin/ntpq
chmod 750 /usr/sbin/ntptime
chmod 750 /usr/sbin/ntptrace
chmod 750 /usr/sbin/pppd
chmod 750 /usr/sbin/pwck
chmod 750 /usr/sbin/pwconv
chmod 750 /usr/sbin/pwunconv
chmod 550 /usr/sbin/quotastats
chmod 750 /usr/sbin/rpc.bootparamd
chmod 750 /usr/sbin/rpc.mountd
chmod 750 /usr/sbin/rpc.nfsd
chmod 750 /usr/sbin/rpc.rusersd
chmod 750 /usr/sbin/rpc.rwalld
chmod 750 /usr/sbin/rpc.yppasswdd
chmod 750 /usr/sbin/rpc.ypxfrd
chmod 750 /usr/sbin/rpcinfo
chmod 750 /usr/sbin/showmount
chmod 750 /usr/sbin/smbd
chmod 750 /usr/sbin/syslogd
chmod 750 /usr/sbin/tcpd
chmod 750 /usr/sbin/tcpdchk
chmod 750 /usr/sbin/tcpdmatch
chmod 750 /usr/sbin/tcpdump
chmod 750 /usr/sbin/timeconfig
chmod 750 /usr/sbin/useradd
chmod 750 /usr/sbin/userdel
chmod 750 /usr/sbin/usermod
chmod 750 /usr/sbin/vipw
Reply With Quote
The Following User Says Thank You to demonize For This Useful Post:
AbannyvabVask (18th December 2013)
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
add web site serr57 Installation/Configuration 18 13th April 2008 11:40
Postfix delivery problem erebus Installation/Configuration 6 28th October 2007 16:20
Chroot SSH + ISPConfig Norman Installation/Configuration 27 26th March 2007 03:40
Systemimager (rsync) doesn't copy all comedit HOWTO-Related Questions 11 19th January 2007 17:17
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29


All times are GMT +2. The time now is 17:25.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.