You're reading from Mastering Linux Security and Hardening A practical guide to protecting your Linux system from cyber attacks

Product type Paperback

Published in Feb 2023

Publisher Packt

ISBN-13 9781837630516

Length 618 pages

Edition 3rd Edition

Languages

Tools

Linux

Concepts

Hardening

Author (1):

Donald A. Tevault

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Setting up a Secure Linux System

2. Running Linux in a Virtual Environment FREE CHAPTER

3. Securing Administrative User Accounts

4. Securing Normal User Accounts

5. Securing Your Server with a Firewall – Part 1

6. Securing Your Server with a Firewall — Part 2

7. Encryption Technologies

8. SSH Hardening

9. Section 2: Mastering File and Directory Access Control (DAC)

10. Mastering Discretionary Access Control

11. Access Control Lists and Shared Directory Management

12. Section 3: Advanced System Hardening Techniques

13. Implementing Mandatory Access Control with SELinux and AppArmor

14. Kernel Hardening and Process Isolation

15. Scanning, Auditing, and Hardening

16. Logging and Log Security

17. Vulnerability Scanning and Intrusion Detection

18. Prevent Unwanted Programs from Running

19. Security Tips and Tricks for the Busy Bee

20. Other Books You May Enjoy

21. Index

Creating a shared directory

The next act in our scenario involves creating a shared directory that all the members of our marketing department can use. Now, this is another one of those areas that engenders a bit of controversy. Some people like to put shared directories in the root level of the filesystem, while others like to put shared directories in the /home/ directory. Some people even have other preferences. But really, it’s a matter of personal preference and/or company policy. Other than that, it really doesn’t much matter where you put them. For our purposes, to make things simple, I’ll just create the directory in the root level of the filesystem:

[donnie@localhost ~]$ cd /
[donnie@localhost /]$ sudo mkdir marketing
[sudo] password for donnie:
[donnie@localhost /]$ ls -ld marketing
drwxr-xr-x. 2 root root 6 Nov 13 15:32 marketing
[donnie@localhost /]$

The new directory belongs to the root user. It has a permissions setting of 755, which permits...