
Unix security

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by MüllerMarcus (talk | contribs) at 10:48, 13 April 2024 (Service details: loose collection of really at most marginally related topics – every service giving access to ''anything'' is relevant to security, so why mention e.g. SMTP.). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Unix security refers to the means of securing a Unix or Unix-like operating system.

Design concepts

Permissions

File system permissions are a core security feature of these systems. Every file in a typical Unix filesystem has a set of permissions that determines what access is allowed to it.

Permissions allow different users different access to a file, and different user groups can likewise hold different permissions on the same file.

User groups

Many Unix implementations add a further layer of security by requiring that a user be a member of the wheel user privileges group in order to access the su command.[1]

Root access

[Figure: Sudo command on Ubuntu to temporarily assume root privileges]

Most Unix and Unix-like systems have an account or group which enables a user to exert complete control over the system, often known as a root account. If an unwanted user gains access to this account, the result is a complete breach of the system. A root account is nevertheless necessary for administrative purposes. For the above security reasons it is seldom used for day-to-day purposes (the sudo program is more commonly used), so that usage of the root account can be more closely monitored.[citation needed]

User and administrative techniques

Passwords

Selecting strong passwords and guarding them properly are important for Unix security.[citation needed]

On many UNIX systems, user and password information, if stored locally, can be found in the /etc/passwd and /etc/shadow file pair.

Software maintenance

Patching

Operating systems, like all software, may contain bugs in need of fixing or may be enhanced with the addition of new features. Patching the operating system in a secure manner requires that the software come from a trustworthy source and not have been altered since it was packaged. Common methods for verifying that operating system patches have not been altered include the use of the digital signature of a cryptographic hash, such as a SHA-256 based checksum, or the use of read-only media.[citation needed]
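As an added illustration of the checksum verification described above (not part of the original article), the following Python sketch checks downloaded patch files against a sha256sum-style manifest. It assumes the manifest's digital signature has already been verified by a separate step; the file names and contents are constructed samples.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def parse_manifest(text):
    """Parse sha256sum-style lines: '<64 hex>  <name>' ('*' before the name marks binary mode)."""
    entries = {}
    for line in text.splitlines():
        digest, _, name = line.strip().partition(" ")
        name = name.strip().removeprefix("*")
        if not digest:
            continue  # blank line
        if len(digest) != 64 or not set(digest.lower()) <= set("0123456789abcdef") or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[name] = digest.lower()
    return entries

def sha256_file(path, chunk=1 << 16):
    """Hash the file in chunks so large patch archives are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify_patch(path, manifest):
    """Return 'ok', 'mismatch' or 'unlisted' for one downloaded patch file."""
    expected = manifest.get(Path(path).name)
    if expected is None:
        return "unlisted"  # not named by the manifest: treat as untrusted
    actual = sha256_file(path)
    return "ok" if hmac.compare_digest(actual, expected) else "mismatch"

def demo():
    """Constructed sample: one intact file, one altered after packaging, one unlisted."""
    files = {"fix-a.patch": b"original A\n", "fix-b.patch": b"original B\n"}
    manifest = parse_manifest("".join(
        f"{hashlib.sha256(data).hexdigest()}  {name}\n" for name, data in files.items()))
    files["fix-b.patch"] += b"injected line\n"  # altered after the manifest was made
    files["extra.patch"] = b"not listed\n"
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            path = Path(d, name)
            path.write_bytes(data)
            results[name] = verify_patch(path, manifest)
    return results
```

Only a file reported as "ok" should be installed; a bare checksum shows that a file matches the manifest, while trust in the manifest itself comes from its signature.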

Viruses and virus scanners

Unix-like operating systems are immune to most Microsoft Windows viruses because binaries created to run on Windows generally won't run on other platforms. However, many Unix-like installations provide file storage services to Microsoft Windows clients, such as through the use of Samba software, and may unintentionally become a repository for viruses stored by users. Unix servers commonly act as mail transfer agents, and as a consequence email virus scanning is often installed. The ClamAV virus scanner is available in source code form and may be used to scan Unix file systems for viruses which infect other operating systems.

There are viruses and worms that target Unix-like operating systems. In fact, the first computer worm—the Morris worm—targeted Unix systems.

Firewalls

A network firewall protects systems and networks from network threats which exist on the opposite side of the firewall. Firewalls can block access to strictly internal services, block unwanted users, and in some cases filter network traffic by content.[citation needed]

iptables

iptables is the current user interface for interacting with Linux kernel netfilter functionality. It replaced ipchains. Other Unix-like operating systems may provide their own native functionality, and other open source firewall products exist.

Advanced

References

  1. ^ Levi, Bozidar (2002). UNIX Administration: A Comprehensive Sourcebook for Effective Systems and Network Management. CRC Press. p. 207. ISBN 0-8493-1351-1.

General

  • Practical UNIX and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 2003.