Lab Exercise 3.1: Managing Linux Security

In this exercise, you will work with Linux users, groups, ownership, and permissions. Complete the following steps:

  1. Boot your Linux server and authenticate as your student user with a password of novell.

  2. Open a terminal session.

  3. Change to the root user account by entering su - and providing a password of novell.

  4. Create a new text file by completing the following:

    1. At the shell prompt, enter cd /tmp.

    2. Create a new text file called example.txt by entering vim ./example.txt at the shell prompt.

    3. Press Ins.

    4. For the contents of the file, enter This is a text file.

    5. Press Esc and then enter :exit.

  5. Check the properties of example.txt by entering ls -l example.txt at the shell prompt.

Who owns the example.txt file? What group is it assigned to?

If you completed these steps correctly, root should be the owner of example.txt and the root group should be assigned to the file.

What permissions have been automatically assigned to example.txt?

Owner should be assigned Read and Write permissions. Group should be assigned the Read permission. Other should be assigned the Read permission.

Test the permissions by completing the following:

  1. At the shell prompt, enter exit.

  2. At the shell prompt, enter cd /tmp.

  3. Select Applications, KDE Menu, Editors, KWrite.

  4. Select File, Open.

  5. Browse to and select /tmp/example.txt and then click OK.

  6. Add a line after the first line that reads "This is the second line."

  7. Select File, Save.

Were you able to save the file? Why or why not?

You should see a warning indicating that you don't have the Write permission. Recall that you are now authenticated as the student user. This user isn't the file owner and isn't a member of the root group. That makes the permissions assigned to Other applicable. Other was assigned only Read permissions.

Continue with these steps:

  1. In the warning dialog, click OK.

  2. Select File, Quit.

  3. When prompted to save changes, select No.

Change the permissions assigned to example.txt by completing the following:

  1. In your terminal session, enter su - and supply a password of novell.

  2. Enter cd /tmp.

  3. Remove the Read permission from Others by entering chmod 640 ./example.txt at the shell prompt.

  4. Verify the permissions assigned to example.txt by entering ls -l example.txt. It should have -rw-r----- permissions assigned to it.

  5. Enter exit at the shell prompt.

Now try to access example.txt as the student user:

  1. Select Applications, KDE Menu, Editors, KWrite.

  2. Select File, Open.

  3. Browse to and select /tmp/example.txt and then click OK.

Can you see the contents of example.txt? Why or why not?

If you assigned permissions correctly, you should not be able to see the contents of the file. As the student user, you have no permissions to the file.

Create a restricted folder by completing the following steps:

  1. In your terminal session, enter su - and provide a password of novell.

  2. At the session prompt, enter cd /tmp.

  3. Create a directory named HideMe by entering mkdir HideMe at the session prompt.

  4. Restrict the HideMe directory to root and the root group by entering chmod 640 ./HideMe.

  5. Enter exit.

Try to access the HideMe directory as the student user by completing the following steps:

  1. At the session prompt, enter cd /tmp.

  2. Generate a listing of the contents of /tmp by entering ls | more.

Do you see the HideMe directory displayed?

You should be able to view the directory.

Now try changing to the HideMe directory by entering cd /tmp/HideMe.

Were you able to change to the HideMe directory? Why or why not?

You should receive a message indicating that you don't have the appropriate permissions to access the directory.

Execute a script file by completing the following steps:

  1. Change back to the root user account by entering su - and entering a password of novell.

  2. Change to the /tmp directory by entering cd /tmp.

  3. At the shell prompt, enter ls scriptfile.txt.

  4. You should see the scriptfile.txt file you created in the previous chapter. This file contains a series of commands that can be executed from within the file. If you skipped that exercise, go back now and create the text file according to the lab instructions.

  5. Verify that scriptfile.txt contains the correct commands by entering cat ./scriptfile.txt. You should see the commands you entered in the previous exercise.

  6. Try to execute the file by entering ./scriptfile.txt.

What happens? Why?

You should see a message indicating that permission to run the file is denied. This happens because the Execute permission has not been granted.

Continue by following these steps:

  1. Grant the Execute permission to all users by entering chmod 777 ./scriptfile.txt at the shell prompt.

  2. Execute the script by entering ./scriptfile.txt.

What happens this time?

The file should execute the commands.

To finish this lab exercise, enter exit at the shell prompt.
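
The lab's three chmod steps, replayed in a scratch directory as an added example (not part of the book's lab). The helper names mode_of, other_has, replay_lab and report are made up here, and the script body is a constructed stand-in for your scriptfile.txt. It reads the mode bits back to show what each octal value leaves the Other class with.

```shell
#!/bin/sh
# Added example: replays the lab's chmod steps in a scratch directory
# (not /tmp itself) and reads the resulting mode bits back.

# Octal permission bits of a path, e.g. 640 (GNU stat, as shipped on Linux).
mode_of() { stat -c '%a' "$1"; }

# Succeed if the Other class of octal mode $1 includes permission $2 (r, w or x).
other_has() {
    bits=$(( 0$1 & 7 ))          # low octal digit = Other class
    case $2 in
        r) mask=4 ;;
        w) mask=2 ;;
        x) mask=1 ;;
        *) return 2 ;;
    esac
    [ $(( bits & mask )) -ne 0 ]
}

# Recreate the lab's three objects with the modes the lab assigns; echo the path.
replay_lab() {
    d=$(mktemp -d) || return 1
    printf 'This is a text file.\n' > "$d/example.txt"
    chmod 640 "$d/example.txt"        # lab step: remove Read from Other
    mkdir "$d/HideMe"
    chmod 640 "$d/HideMe"             # lab step: restrict the directory
    # Constructed stand-in for the scriptfile.txt from the previous chapter.
    printf '#!/bin/sh\necho ran\n' > "$d/scriptfile.txt"
    chmod 777 "$d/scriptfile.txt"     # lab step: grant Execute to all users
    echo "$d"
}

# One line per entry: octal mode, name, and what the Other class is left with.
report() {
    for p in "$1"/*; do
        m=$(mode_of "$p"); flags=
        for perm in r w x; do
            other_has "$m" "$perm" && flags="$flags$perm"
        done
        printf '%s %s other=%s\n' "$m" "${p##*/}" "${flags:-none}"
    done
}

lab=$(replay_lab) && report "$lab"
chmod 700 "$lab/HideMe" && rm -rf "$lab"   # restore search bit, then clean up
```

On the 640 directory, the missing x (search) bit is what blocks cd for the student user. The report also shows that 777 leaves Other with Write as well as Execute; a mode of 755 grants Execute to all users without giving group and Other the Write permission.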

That's it for this lab exercise. You now know how to manage basic Linux file system privileges. You'll now learn how to manage your system's network configuration.
