Chapter 3
System has users and groups
Everything is a file: processes, devices, network connections and have uid/gid
root is always 0, gid 0, users starts from 1000
su != sudo
setuid and setgid
setuid and setgid: Runs with pre-defined uid/gid instead of the runner user’s uid/gid https://www.geeksforgeeks.org/setuid-setgid-and-sticky-bits-in-linux-file-permissions/
sudo
/etc/sudoers
sudoreplay Defaults log_output Defaults!/usr/bin/sudoreplay !log_output Defaults!/sbin/reboot !log_output visudo
Disable root account with /bin/false /bin/nonlogin on /etc/passwd
PAM
PAM: single-signon Kerberos: network crypto auth (part of AD)
Linux capabilities
Linux namespaces
AppArmor (canonical), Smack, TOMOYO, Yama, SELinux
MAC Mandatory access control
Others
https://www.thegeekdiary.com/understanding-the-etc-skel-directory-in-linux/ https://www.maketecheasier.com/check-sudo-history-linux/ https://www.redhat.com/sysadmin/pluggable-authentication-modules-pam https://www.vultr.com/docs/working-with-linux-capabilities/
Umask
Umask permissions