source: postlfs/security/security.xml@ f0334b2

10.0 10.1 11.0 6.0 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 ken/refactor-virt krejzi/svn lazarus nosym perl-modules qt5new systemd-11177 systemd-13485 trunk upgradedb v5_0 v5_0-pre1 v5_1 v5_1-pre1 xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since f0334b2 was 419dd50, checked in by Larry Lawrence <larry@…>, 18 years ago

shadow/pam patches

git-svn-id: svn:// af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 1.3 KB
[f45b1953]1<chapter id="postlfs-security">
2<?dbhtml filename="security.html" dir="postlfs"?>
[e1d7dec]5<para>Security takes many forms in a computing environment. This chapter
[419dd50]6gives examples of three different types of security: access, prevention
[cf7ae162]7and detection.</para>
9<para>Access for users is usually handled by <command>login</command> or an
10application designed to handle the login function. In this chapter, we show
11how to enhance <command>login</command> by setting policies with
[e1d7dec]12<application><acronym>PAM</acronym></application> modules. Access via networks
[cf7ae162]13can also be secured by policies set by <application>iptables</application>,
14commonly referred to as a firewall.</para>
16<para>Prevention of breaches, like a trojan, are assisted by applications like
[419dd50]17<application>GnuPG</application>, specifically the ability to confirm signed
[cf7ae162]18packages, which prevents modification of the tarball after the packager creates
21<para> Finally, we touch on detection with a package that stores "signatures"
22of critical files (defined by the administrator) and then regenerates those
[e1d7dec]23"signatures" and compares for files that have been changed.</para>
Note: See TracBrowser for help on using the repository browser.