 | This article has multiple issues. Please helpimprove it or discuss these issues on thetalk page.(Learn how and when to remove these messages) (Learn how and when to remove this message)
|
Unix security refers to the means ofsecuring aUnix orUnix-likeoperating system.
A core security feature in these systems is thefile system permissions. All files in a typicalUnix filesystem have permissions set enabling different access to a file.Unix permissions permit different users access to a file with different privilege (e.g., reading, writing, execution). Like users, differentuser groups have different permissions on a file.
Many Unix implementations add an additional layer of security by requiring that a user be a member of thewheeluser privileges group in order to access thesu command.[1]
Most Unix and Unix-like systems have an account or group which enables a user to exact complete control over the system, often known as aroot account. If access to this account is gained by an unwanted user, this results in a complete breach of the system. A root account however is necessary for administrative purposes, and for the above security reasons the root account isseldom used for day to day purposes (thesudo program is more commonly used), so usage of the root account can be more closely monitored.[citation needed]
Selecting strongpasswords and guarding them properly are important for Unix security.[citation needed]
On many UNIX systems, user and password information, if stored locally, can be found in the/etc/passwd and/etc/shadow file pair.
Operating systems, like all software, may contain bugs in need of fixing or may be enhanced with the addition of new features; many UNIX systems come with a package manager for this. Patching the operating system in a secure manner requires that the software come from a trustworthy source and not have been altered since it was packaged. Common methods for verifying that operating system patches have not been altered include the use of thedigital signature of acryptographic hash, such as aSHA-256 based checksum, or the use of read-only media.[citation needed]
There are viruses and worms that target Unix-like operating systems. In fact, the first computer worm—theMorris worm—targeted Unix systems.
There arevirus scanners for UNIX-like systems, frommultiple vendors.
Network firewall protects systems and networks from network threats which exist on the opposite side of the firewall. Firewalls can block access to strictly internal services, unwanted users and in some cases filter network traffic by content.[citation needed]
 | This section'sfactual accuracy may be compromised due to out-of-date information. The reason given is: Iptables is no longer the "current interface". Please help update this article to reflect recent events or newly available information.(January 2014) |
iptables is the current user interface for interacting withLinux kernelnetfilter functionality. It replacedipchains. OtherUnix like operating systems may provide their own native functionality and otheropen source firewall products exist.
