Security
What is Reserved Space for Root? The reserved space for root in a Linux filesystem refers to the percentage of total disk space that is set aside for use exclusively by the root user and other essential system processes. By default, most Linux distributions set aside 5% of the total disk space as reserved space…
Securing Accounts and Passwords Implementing strong password policies is a critical first step towards securing Linux and Unix systems. Short, simple, or default passwords provide easy targets for attackers to gain initial access. Here are some best practices for enhancing password security: Enforce password complexity requirements through modules like pam_cracklib. This ensures passwords have a…
Understanding Zombie Processes A zombie process, also called a defunct process, refers to a process that has completed execution but still has an entry in the process table. This occurs when a child process has terminated but the parent process has not cleaned up or awaited its termination via the wait() system call. Some key…
Understanding Unkillable Processes An unkillable process refers to any process on a Unix-like operating system that cannot be terminated with conventional kill signals like SIGTERM or SIGKILL. These defiant processes continue running despite attempts to shut them down, often requiring special intervention to eliminate. Common causes leading to unkillable processes include: Processes stuck in uninterruptible…
The Linux kernel forms the core of the Linux operating system. As an open-source project with worldwide collaborators, maintaining the security of the Linux kernel is critical. However, with over 30 million lines of code, the scale and complexity of the kernel also invite vulnerabilities. Both security researchers and attackers continuously probe the kernel for…
The Perils of Editing sudoers Directly The sudoers file controls important access privileges on Linux systems, allowing specified users to run commands as other users, typically the root superuser. Directly editing the sudoers file using a text editor like vi or nano can be dangerous, risking syntax errors that may lock admins out of the…
Misconfiguring the Sudoers File The sudoers file controls who can run what commands as sudo on a Linux system. It is located at /etc/sudoers by default and should only be edited using the visudo command. Misconfiguring the sudoers file can lead to security issues or prevent access, so understanding common mistakes can help avoid problems….
Understanding Linux File Permissions The Linux operating system utilizes a sophisticated system of file permissions to control user access to files and directories. The basic permission scheme consists of three classes of users – the file owner, the group owner, and all other users referred to as “others”. Each class of users can be granted…
Why Permissions Don’t Always Update Instantly On Linux systems, user and group information and permissions are cached when a user first logs into a session. This caching mechanism improves performance by avoiding expensive lookups of users, groups, and permissions on every access check. However, the downside is that newly added group memberships or permission changes…
What Causes Group Permission Issues? On Linux systems, every file and folder has assigned permissions for the owner user, the owning group, and all other users. The standard Linux file permission scheme uses the chmod command to set read, write and execute permissions on files and folders for these three entities. Issues can arise when…