Newsgroups: comp.unix.bsd
Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!constellation!qns1.qns.com!news.sprintlink.net!peernews.demon.co.uk!demon!trillion.demon.co.uk!alc
From: alc@trillion.demon.co.uk (Al)
Subject: Brief Unix Security Questionnaire
X-Nntp-Posting-Host: trillion.demon.co.uk
Message-ID: <alc.13.2F1DA383@trillion.demon.co.uk>
Lines: 71
Sender: news@demon.co.uk (Usenet Administration)
Organization: Trillion
X-Newsreader: Trumpet for Windows [Version 1.0 Rev A]
Date: Wed, 18 Jan 1995 23:25:56 GMT

I am attempting to collate some security information on UNIX systems and I would be grateful if any of you could complete (even a small part) of this questionnaire. If you don't know an answer - just leave it. Naturally I want the main Unix systems, but the more obscure ones are very welcome too.

Rather than fill up a news group with this information I would be grateful if you could email your responses to me at alc@trillion.demon.co.uk. When I have a few back, I will put them together and attempt to produce a definitive FAQ which covers as many Unix systems as possible.

Thank you.

-----------------------------CUT HERE------------------------------

What version of Unix are we referring to: (eg AIX 3.2, HP/UX9.0 etc.)

If a user has a UID of zero in their password file, does this have any special significance?
Do they NEED to be UID=0 to SU to root?

If a user has a GID of zero in their password file, does this have any special significance?
Do they NEED to be GID=0 to SU to root?

If the user's home directory field in their password file is BLANK, can they still logon to the system?

If the user's home directory field in their password file is INVALID, can they still logon to the system?

If the user's shell script in their password file is BLANK, can they still logon to the system?

If the user's shell script in their password file is INVALID, can they still logon to the system?

What is the effect of having a directory flagged as SGID?

What is the effect of having a directory flagged as STICKY?

In which directory is the password file normally held? (eg /etc/passwd)

In which directory is the group file normally held? (eg /etc/group)

Is this version of Unix capable of enforcing security? (eg HP/UX - Convert to trusted system using SAM)

Is a 'shadow' password file created?
Where is this file normally located?
What fields are stored in the shadow password file?

Does this system have the 'uname' command?

Are there any groups which MUST exist on this system?

Are there any special groups (either names or GIDS) which confer special privileges on a user? (eg OPER or KMEM)

-----------------------------CUT HERE------------------------------

Email to alc@trillion.demon.co.uk