Linux User Access Notes

/etc/login.access User ID 0 means root.

rwxt where t means you can work with own files only.

Setuid is like RunAs in Windows NT.
Rwxs means that you have rights only to change contents and not the file.

Umask used to remove permissions not to be given.

Syslog.conf Used by devices
/etc/inetd.conf inet daemon services
/etc/passwd carries passwords
awk -F : ‘length($2) < | {print $1} < /etc/passwd
Shows all accounts with no passwords.
Sort +2n -t: /etc/password Sort by UID
find / -perm 2000 -ls
find / -perm 4000 -ls Find SUID files
Crackers John The Ripper.

Book: Practical Unix and Internet Security.