Modifications
Historique de la page
Update Securing a server
rédigé
juil. 31, 2020
par
LaplongeJunior
Afficher les modifications d'espaces
En ligne
Côte à côte
Securing-a-server.md
Voir la page @
414c32c6
...
@@ -7,7 +7,7 @@ Ergo : As all different services may be required in normal circumstances, most m
...
@@ -7,7 +7,7 @@ Ergo : As all different services may be required in normal circumstances, most m
0b) All non-root users are assumed "public access", either for missions or for open-source scripts
0b) All non-root users are assumed "public access", either for missions or for open-source scripts
Ergo : close-sourced scripts should use root access
Ergo : close-sourced scripts should use root access
0c) All files restricted to root are assumed "critical data" by default
0c) All files restricted to root are assumed "critical data" by default
Ergo : open-sourced scripts should call a closed-source script
s
, stored on the server, who use
s
root privileges to access critical data
Ergo : open-sourced scripts should call a closed-source script, stored on the server, who
then will
use root privileges to access critical data
Threat 1 : Root access
Threat 1 : Root access
1a) Any service can allow to log or lock root with the good vulnerability
1a) Any service can allow to log or lock root with the good vulnerability
...
...
...
...
