System Level Security - Unix System Files Assignment Help

Assignment Help: >> Security - System Level Security - Unix System Files

Unix System Files (/etc/passwd,/etc/shadow,/etc/group)

/etc/passwd

The password file is debatably the most critical system file in Linux system (and many other UNIX's). It holds the mappings of user ID, username, and the main group ID in which a person belongs to. It might also holds the original password Moreover, it is more likely (and much more secure) to use shadow passwords to keep the passwords in /etc/shadow. This file MUST be worldwide readable; or else commands even as easy as ls will fail to work properly. A GECOS field can hold data such as the real name, phone number and many more for the user. An  home directory is  the  default directory the  users  get  placed in  if  they log  in interactively, and the login shell have to be an interactive shell (like as bash, or a menu program) and listed in /etc/shells for the user to log in. The arrangement is:

username:encrypted_password:UID:GID:GECOS_field(comment):home_directory:login_ shell

The Passwords are stored utilizing a one way hash the default hash used is crypt, newer distributions carry MD5 that is extensively stronger. A Password cannot be recovered from the encrypted result. Moreover, a password could be found through using brute force to hash strings of text and compare them. At one time a match is found the user knows the password. This in itself is commonly not a problem, the problem occurs whenever users selects passwords which can be simply guessed. The present survey results have shown in which 25 percent of passwords could be broken in under an hour, and what is even worse is that 4 percent of users select their own names as the password. Empty fields in the password field are left empty, a ":"symbol can be seen; that is something which is critical for the first four fields that are name, password, uid and gid.

/etc/shadow

The shadow file contains the password and username pairs, as well as account information like as expiry date and many other special fields. This file should be protected at all cost and only the root user should have read permission to it.

/etc/groups

The  groups  file  holds all  the  group  membership information and  optional items  like  as  group password (classically stored in gshadow on current systems). This file should be worldwide readable for the system to behave accurately. The format is:

groupname:encrypted_password:GID:member11,member12,member13

A group might holds no members that is it is unused a single member or multiple members, and the password is optional and classically not used.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd