Topic 16 – Users and security Flashcards
within linux where were passwords historically stored
Historically these were saved in the /etc/passwd file but this now only contains each user and metadata for each user
what does the salt value added to a password offer resistance to
this offers resistance to dictionary and rainbow attacks
how does linux determine which file permissions to use and what 3 scenarios are spawned from this
to achieve this linux uses the user id (UID) and group id (GID) of the current process and the file
from here:
- If the User ID(UID) of the current process matches the User ID(UID) of the file (the owner of the file) then the user permissions are used
- If the Group ID(GID) of the current process matches the Group ID(GID) of the file (the group owner of the file) then the group permissions are used
- If the User ID(UID) of the current process and the Group ID(GID) of the current process failed to match the file then the other user permissions are used
this linux command is used to administer /etc/group and /etc/gshadow such as adding and deleting members
describe the linux command
Gpasswd
- these offer fine grained control for applying permissions
- This sytem is used by network devices such as firewalls and in operating systems such as windows.
- Typically this will follow an allow and deny implementation for permissions
describe briefly
Access control lists (ACL)
what tasks can super users carry out that normal users cant
this type of user can:
Create change or delete hardware and system files
describe the first 2 columns of the /etc/shadow file and subsequent columns
The columns for this file are as follows:
- First column is the username
- Second column is the hashed password
- Subsequent fields display password set times and password expiry times
this is a linux command used to delete a user or group from the system
describe the linux command
Deluser
what is the
default behaviour of deluser
By default this linux command only deletes the user account and does not remove the home directory or mail spool
to remove the home directory and mail spool include the option
–remove-home
this is represented as:
note
some linux commands allow the numeric expression to be entered as the permissions
describe the binary represenation of the linux permissions
this will set permissions on newfile1 as:
- User has read,write,execute
- Group has read,write
- Other users have read
describe the execution of the linux command
chmod u=rwx,g=rw,o=r newfile1
this is the basic syntax for adding a new user
describe the command
Sudo adduser user
these include:
- the user [u] (you, the owner of the file)
- the group [g] that the file belongs to
- any other users [o]
within linux what are the 3
types of users that can have permisions granted to them
this column is subdivided into three distinct parts which are separated by a $
- $method - this will hold a number that represents the cryptographic method such as 6 corresponds to SHA-512 (Secure Hash Algorithm with 512-bit block,
- $salt - this holds the salt value generated by the OS on the password creation it will be added to the password before encryption
- $hash - this is the hashed password with salt hash value
describe the
second column of the /etc/shadow file
this is a linux file that holds all the groups on the system
describe the linux file
/etc/group
this is the basic syntax to add a new group in linux
describe the command
sudo addgroup group
this linux command is used to add new users and groups
describe the linux command
Adduser
name 5 properties of a hash function
these include:
- the same input always gives the same output
- a small change in input gives a large change in output
- the output doesn’t depend on the length of the input
- the chance of two different inputs giving the same output is extremely small
- the transformation is one-way.
this is a file that has passwords and the hash value already calculated
describe briefly a dictionary attack
describe the linux command
Addgroup
this is a linux command that is used to add groups to the system
describe the execution of the linux command
chmod u=rwx,g=rw,o=r newfile1
this will set permissions on newfile1 as:
- User has read,write,execute
- Group has read,write
- Other users have read
the actions it takes include:
- Adds the user to the system
- Adds a group of the same name to the system
- The user and group are then associated
- A home directory is created for the user in /home
- Default files are copied from the /etc/skel directory to /home/user
- Password configuration is asked for
- Metadata is asked for such as full name, mobile number
what are the 7
actions that adduser takes upon execution
within linux what are the 3
types of users that can have permisions granted to them
these include:
- the user [u] (you, the owner of the file)
- the group [g] that the file belongs to
- any other users [o]
this linux command will delete ali from the students group
what is the outcome of executing the following linux command
sudo gpasswd -d ali students
generates all possible combinations of letters, digits and symbols up to some length
describe briefly a
rainbow attack
what benefits are there from being a member of the
sudo group
being a member of this group allows a user to use the sudo command and temporarily take on the role of the root user
the reason for this is that:
this file must be publicly readable for command such as ls which need to read this file in order to translate a UID to a human readable format such as ali
why must the
/etc/passwd
be publically readable
this will add the execute permission to the granted permissions for the user, group and other users
describe the output of the following linux command
chmod ugo+x newfile1
or
chmod a+x newfile1
describe briefly
Access control lists (ACL)
- these offer fine grained control for applying permissions
- This sytem is used by network devices such as firewalls and in operating systems such as windows.
- Typically this will follow an allow and deny implementation for permissions
describe the linux file
/etc/group
this is a linux file that holds all the groups on the system
how may owners may a linux file have
this may have:
- one user owner
- one group owner
note
this limited implementation can can cause problems when multiple groups for example need access to the file
The columns for this file are as follows:
- First column is the username
- Second column is the hashed password
- Subsequent fields display password set times and password expiry times
describe the first 2 columns of the /etc/shadow file and subsequent columns
what are the 7
actions that adduser takes upon execution
the actions it takes include:
- Adds the user to the system
- Adds a group of the same name to the system
- The user and group are then associated
- A home directory is created for the user in /home
- Default files are copied from the /etc/skel directory to /home/user
- Password configuration is asked for
- Metadata is asked for such as full name, mobile number
these include:
- the same input always gives the same output
- a small change in input gives a large change in output
- the output doesn’t depend on the length of the input
- the chance of two different inputs giving the same output is extremely small
- the transformation is one-way.
name 5 properties of a hash function
describe the linux command
Chmod
also known a change mode where mode refers to permissions
is a linux command for controlling permissions
describe the linux command
Gpasswd
this linux command is used to administer /etc/group and /etc/gshadow such as adding and deleting members
also known a change mode where mode refers to permissions
is a linux command for controlling permissions
describe the linux command
Chmod
this could include:
- (for a file)
- d (for a directory)
- l (for a link)
- b (for a block device)
- C (for a character device)
what are 5 characters that could be held as the
first character from the output of ls -l
this is the basic syntax for modifying permissions.
describe the following linux command
chmod [ugoa][-+=][rwx]
this will print the name of the user that is currently in control
describe the linux command
Whoami
name 2 advantages of
separating super user and normal user
the advantages of this are:
- Safegaurding the user - separating the superusers and normal user offers a safe guard for the user in that system changing commands cannot be accidentally executed
- Malware protection - if the normal user only uses there normal account then malware cannot gain full access to the system by simply gaining access to this account
this is a linux command that is used to add groups to the system
describe the linux command
Addgroup
what is the outcome of executing the following linux command
sudo gpasswd -d ali students
this linux command will delete ali from the students group
describe the linux directory
/etc/skel
this is a linux directory that can hold a skeleton contents of a new users home directory.
Adduser copies the contents of this directory into the users home directory upon creation
these are now stored inside the /etc/shadow file and is read/write only for the root user
note
the /etc/passwd file now has a placeholder where this used to be stored
the placeholder could be ‘x’ which represents that it is being held somewhere in an encrypted form
where are
linux passwords now stored
within linux this is the basic syntax that will delete a group
describe the command
Delgroup group
describe the linux directory
/etc/passwd
this is a linux file that contains essential information about all user accounts on the system
describe how the following syntax is used
chmod [ugoa][-+=][rwx]
from this:
[ugoa] - one character may be chosen from this group a=ugo
[-+=] - one character may be chosen from this group = will set permissions regardless of what they were previously
[rwx] - any combination of characters may be chosen from this group if a character is ommitted then the permission is not granted
describe the following linux command
chmod [ugoa][-+=][rwx]
this is the basic syntax for modifying permissions.
describe the linux command
Deluser
this is a linux command used to delete a user or group from the system
this type of user can:
Create change or delete hardware and system files
what tasks can super users carry out that normal users cant
to achieve this linux uses the user id (UID) and group id (GID) of the current process and the file
from here:
- If the User ID(UID) of the current process matches the User ID(UID) of the file (the owner of the file) then the user permissions are used
- If the Group ID(GID) of the current process matches the Group ID(GID) of the file (the group owner of the file) then the group permissions are used
- If the User ID(UID) of the current process and the Group ID(GID) of the current process failed to match the file then the other user permissions are used
how does linux determine which file permissions to use and what 3 scenarios are spawned from this
describe briefly a
rainbow attack
generates all possible combinations of letters, digits and symbols up to some length
describe the command
Sudo adduser user
this is the basic syntax for adding a new user
these include:
- Username: This field stores the usernames which are used while login into the system. The length of this field is between 1 and 32 characters.
- Password: This field store the password of the user. The x character indicates the password is stored in /etc/shadow file in the encrypted format. We can use the passwd command to update this field.
- User ID(UID): User identifier is the number assigned to each user by the operating system to refer the users. The 0 UID is reserved for the root user. And 1-99 UID are reserved for other predefined accounts. And 100-999 are reserved by the system for administrative and system accounts/groups.
- Group ID(GID): Group identifier is the number indicating the primary group of users. Most of the time it is the same as the UID.
- User ID Info (GECOS): This is a comment field. This field contains information like the user phone number, address, or full name of the user. This field is used by the finger command to get information about the user.
- Home directory: This field contains the absolute path of the user’s home directory. By default, the users are created under the /home directory. If this file is empty, then the home directory of that user will be /
- Login shell: This field store the absolute path of the user shell. This shell is started when the user is log in to the system.
describe the
7 columns of the /etc/passwd file
what are 5 characters that could be held as the
first character from the output of ls -l
this could include:
- (for a file)
- d (for a directory)
- l (for a link)
- b (for a block device)
- C (for a character device)
describe the binary represenation of the linux permissions
this is represented as:
note
some linux commands allow the numeric expression to be entered as the permissions
these include:
- Read [r] (from the file)
- Write [w] (to the file)
- Execute [x] (run the file)
within linux what are the
three types of permissions that may be granted to a type of user
this is a linux file that contains essential information about all user accounts on the system
describe the linux directory
/etc/passwd
the advantages of this are:
- Safegaurding the user - separating the superusers and normal user offers a safe guard for the user in that system changing commands cannot be accidentally executed
- Malware protection - if the normal user only uses there normal account then malware cannot gain full access to the system by simply gaining access to this account
name 2 advantages of
separating super user and normal user
describe briefly a dictionary attack
this is a file that has passwords and the hash value already calculated
this is interpreted as:
- First set of three characters (2 - 4) - are the permissions given to the user
- Second set of three characters (5 - 7) - are the permissions granted to the group
- Third set of three characters (8 - 10) - are the permissions granted to any other users
from the
output of ls -l what do the characters 2 - 10 represent
describe how the permissions
read,write and execute affect directories
this is affected as follows:
- Read - allows you to list the directory contents (ls)
- Write - allows you to create and delete content within the directory
- Execute - allows you to access the directory (cd)
describe the
second column of the /etc/shadow file
this column is subdivided into three distinct parts which are separated by a $
- $method - this will hold a number that represents the cryptographic method such as 6 corresponds to SHA-512 (Secure Hash Algorithm with 512-bit block,
- $salt - this holds the salt value generated by the OS on the password creation it will be added to the password before encryption
- $hash - this is the hashed password with salt hash value
where are
linux passwords now stored
these are now stored inside the /etc/shadow file and is read/write only for the root user
note
the /etc/passwd file now has a placeholder where this used to be stored
the placeholder could be ‘x’ which represents that it is being held somewhere in an encrypted form
describe the
7 columns of the /etc/passwd file
these include:
- Username: This field stores the usernames which are used while login into the system. The length of this field is between 1 and 32 characters.
- Password: This field store the password of the user. The x character indicates the password is stored in /etc/shadow file in the encrypted format. We can use the passwd command to update this field.
- User ID(UID): User identifier is the number assigned to each user by the operating system to refer the users. The 0 UID is reserved for the root user. And 1-99 UID are reserved for other predefined accounts. And 100-999 are reserved by the system for administrative and system accounts/groups.
- Group ID(GID): Group identifier is the number indicating the primary group of users. Most of the time it is the same as the UID.
- User ID Info (GECOS): This is a comment field. This field contains information like the user phone number, address, or full name of the user. This field is used by the finger command to get information about the user.
- Home directory: This field contains the absolute path of the user’s home directory. By default, the users are created under the /home directory. If this file is empty, then the home directory of that user will be /
- Login shell: This field store the absolute path of the user shell. This shell is started when the user is log in to the system.
describe the linux command
Adduser
this linux command is used to add new users and groups
what is the outcome of executing the following linux command
sudo gpasswd -a ali students
this linux command will add ali to the students group
By default this linux command only deletes the user account and does not remove the home directory or mail spool
to remove the home directory and mail spool include the option
–remove-home
what is the
default behaviour of deluser
describe the linux command
Whoami
this will print the name of the user that is currently in control
describe the command
sudo addgroup group
this is the basic syntax to add a new group in linux
this linux command will add ali to the students group
what is the outcome of executing the following linux command
sudo gpasswd -a ali students
describe the output of the following linux command
chmod ugo+x newfile1
or
chmod a+x newfile1
this will add the execute permission to the granted permissions for the user, group and other users
Historically these were saved in the /etc/passwd file but this now only contains each user and metadata for each user
within linux where were passwords historically stored
describe the command
Delgroup group
within linux this is the basic syntax that will delete a group
being a member of this group allows a user to use the sudo command and temporarily take on the role of the root user
what benefits are there from being a member of the
sudo group
from the
output of ls -l what do the characters 2 - 10 represent
this is interpreted as:
- First set of three characters (2 - 4) - are the permissions given to the user
- Second set of three characters (5 - 7) - are the permissions granted to the group
- Third set of three characters (8 - 10) - are the permissions granted to any other users
why must the
/etc/passwd
be publically readable
the reason for this is that:
this file must be publicly readable for command such as ls which need to read this file in order to translate a UID to a human readable format such as ali
from this:
[ugoa] - one character may be chosen from this group a=ugo
[-+=] - one character may be chosen from this group = will set permissions regardless of what they were previously
[rwx] - any combination of characters may be chosen from this group if a character is ommitted then the permission is not granted
describe how the following syntax is used
chmod [ugoa][-+=][rwx]
within linux what are the
three types of permissions that may be granted to a type of user
these include:
- Read [r] (from the file)
- Write [w] (to the file)
- Execute [x] (run the file)
this is affected as follows:
- Read - allows you to list the directory contents (ls)
- Write - allows you to create and delete content within the directory
- Execute - allows you to access the directory (cd)
describe how the permissions
read,write and execute affect directories
this offers resistance to dictionary and rainbow attacks
what does the salt value added to a password offer resistance to
this may have:
- one user owner
- one group owner
note
this limited implementation can can cause problems when multiple groups for example need access to the file
how may owners may a linux file have
this is a linux directory that can hold a skeleton contents of a new users home directory.
Adduser copies the contents of this directory into the users home directory upon creation
describe the linux directory
/etc/skel
