UNIX Design Concepts
Permissions
A core security feature of these systems is the concept of permissions. All files in a typical Unix-style filesystem have permissions enabling different access to the file.
Permissions on a file are commonly set using the chmod command and seen through the ls command. For example:
-r-xr-xr-x 1 root wheel 745720 Sep 8 2002 /bin/sh
Unix permissions permit different users access to a file. Different user groups have different permissions on a file.
User groups
Users under Unix-style operating systems often belong to managed groups with specific access permissions. This enables users to be grouped by the level of access they have to the system.
Issues
Most Unix-style systems have an account or group which enables a user to exert complete control over the system, often known as a root account. If access to this account is gained by an unwanted user, this results in a complete breach of the system. A root account is, however, necessary for administrative purposes. For the above security reasons the root account is seldom used for day-to-day purposes (the sudo program is more commonly used), so usage of the root account can be more closely monitored.
User and administrative techniques
Unix has many tools that can improve security if used properly by users and administrators.
Passwords
Selecting a strong password and guarding it properly is probably the most important thing a user can do to improve Unix security. In Unix systems, passwords are usually stored in the file /etc/passwd. This file stores more than just passwords: it keeps track of the users registered in the system and their main definitions. The entries in /etc/passwd look like this:
username:encrypted_password:UserIDNo:GroupIDNo:Complete_Name:home_dir:shell_name
An example would be:
dave28:1zuW2nX3sslp3:1000:102:David Carlos Saraiva:/home/dave28:/bin/bash
Because all users must have access to this file in order for the system to compare the password given at the login prompt with the one stored in the file, a security issue arises: anyone can read the file and retrieve other users' encrypted passwords. To solve this problem, the protected file /etc/shadow was created to store the passwords. In the /etc/passwd file, the second field is replaced by an 'x', which tells the system to retrieve the corresponding user's password from the shadow file.
The shadow file usually only contains the first two fields:
xfze:1zuW2nX3sslp3:::::
The remaining fields in the /etc/shadow file can include the minimum number of days between password changes, the maximum number of days until the password must be changed, the number of days of warning given before the password must be changed, the number of days after the password must be changed when the account becomes unusable and the date (expressed as the number of days since January 1st, 1970) when the account is expired. These fields may be used to improve UNIX security by enforcing a password security policy.
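The following is an added example, not part of the original page, showing how the 'x' marker in /etc/passwd and the aging fields in /etc/shadow can be audited against a password policy. It assumes the nine-field Linux shadow(5) layout, in which a last-change date precedes the fields listed above; the 90-day limit, the function names and the sample entries are constructed for illustration.

```python
from datetime import date, timedelta

# Field order per shadow(5) on Linux; "lastchg" sits before the aging fields.
SHADOW_FIELDS = ("name", "hash", "lastchg", "min", "max", "warn",
                 "inactive", "expire", "reserved")
EPOCH = date(1970, 1, 1)

def parse_shadow(line):
    """Split one shadow line into a dict; empty numeric fields become None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(SHADOW_FIELDS):
        raise ValueError(f"expected 9 fields, got {len(parts)}")
    rec = dict(zip(SHADOW_FIELDS, parts))
    for key in SHADOW_FIELDS[2:8]:
        rec[key] = int(rec[key]) if rec[key] else None
    return rec

def audit(passwd_lines, shadow_lines, today, max_age=90):
    """Return sorted (user, finding) pairs. max_age is an assumed site policy."""
    findings = []
    for line in passwd_lines:
        name, pw = line.split(":")[:2]
        if pw not in ("x", "*", "!"):  # anything else is readable by every user
            findings.append((name, "password field in /etc/passwd is not shadowed"))
    for line in shadow_lines:
        r = parse_shadow(line)
        locked = r["hash"].startswith(("!", "*"))  # no password login possible
        if r["hash"] == "":
            findings.append((r["name"], "empty password field"))
        if not locked and (r["max"] is None or r["max"] > max_age):
            findings.append((r["name"], "no maximum password age enforced"))
        if r["expire"] is not None and EPOCH + timedelta(days=r["expire"]) <= today:
            findings.append((r["name"], "account expired"))
    return sorted(findings)

# Constructed sample data, not taken from a real system.
PASSWD = ["dave28:x:1000:102:David Carlos Saraiva:/home/dave28:/bin/bash",
          "legacy:1zuW2nX3sslp3:1001:102:Old Account:/home/legacy:/bin/sh"]
SHADOW = ["dave28:1zuW2nX3sslp3:19000:1:90:7:14::",
          "xfze:1zuW2nX3sslp3:::::::",
          "temp:1zuW2nX3sslp3:19000:0:60:7::19100:",
          "daemon:*:19000:0:99999:7:::"]

if __name__ == "__main__":
    for user, finding in audit(PASSWD, SHADOW, date(2024, 1, 1)):
        print(f"{user}: {finding}")
```

Reading the real /etc/shadow requires root; the audit runs equally well against copies of both files collected for review.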