Unix File Protection
UNIX offers a file protection system that is straightforward and simple to use. However, many people are not aware of the value of this powerful mechanism. A secure environment is achieved not only by the operating system, but also through vigilant user and administrative practices. There are many schemes and mechanisms used in the UNIX operating system, as well as some simple tricks that are available to give the kind of file protection administrators want. For the purpose of this paper, a company with 5,000 employees, where 4,990 employees are allowed access to a specific file will be assessed.
When using Unix OS, as a bare minimum, the administrator needs to understand file-level security management at its most basic form. Failing to understand this could cause major problems later on. The key to file security on a UNIX system is to restrict file permissions as much as possible without keeping the system from doing what it needs to do, and without preventing access to a shared file. UNIX default protection needs to be enhanced to provide the proper level of protection that a company is look for in an operating system. The first front line protection involves using a unique user ID and password combination to restrict access to a system. Once a user has gained access to a system, further protection is needed to prevent unauthorized access or change to protected files. One way this can be done is by using the Access Control Lists (ACL’s), which an administrator can give individuals or groups varying levels of privileges. ACL lists users and their authorized access rights.
UNIX file permissions have three classes of users. The first is the user, which is the owner of the file or directory. They are also the creator of the file. The user is the one who can decide who has what rights, such as read or write to the file (make changes). Next there is the group class. These members belong to a group of users. Lastly, others are users who are neither the files owner,
When using Unix OS, as a bare minimum, the administrator needs to understand file-level security management at its most basic form. Failing to understand this could cause major problems later on. The key to file security on a UNIX system is to restrict file permissions as much as possible without keeping the system from doing what it needs to do, and without preventing access to a shared file. UNIX default protection needs to be enhanced to provide the proper level of protection that a company is look for in an operating system. The first front line protection involves using a unique user ID and password combination to restrict access to a system. Once a user has gained access to a system, further protection is needed to prevent unauthorized access or change to protected files. One way this can be done is by using the Access Control Lists (ACL’s), which an administrator can give individuals or groups varying levels of privileges. ACL lists users and their authorized access rights.
UNIX file permissions have three classes of users. The first is the user, which is the owner of the file or directory. They are also the creator of the file. The user is the one who can decide who has what rights, such as read or write to the file (make changes). Next there is the group class. These members belong to a group of users. Lastly, others are users who are neither the files owner,
References: Bishop, M. (n.d.). File Protection in UNIX. ucdavis.edu. Retrieved May 10, 2013, from http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CC4QFjAA&url=http%3A%2F%2Fnob.cs.ucdavis.edu%2Fbishop%2Fpapers%2F1987-decpro%2Ffilepro.ps&ei=gqORUZzGGem70gHX0oGICw&usg=AFQjCNFkWp7ekP675HOm2Y0er8g4-HKerg&bvm=bv.46471029,d.dmQ Using UNIX Permissions to Protect Files - Oracle Solaris Administration: Security Services. (n.d.). Oracle Documentation. Retrieved May 10, 2013, from http://docs.oracle.com/cd/E23824_01/html/821-1456/secfile-60.html