The ADM user/group
shimi
linux-il at shimi.net
Mon Jan 24 11:36:33 IST 2011
2011/1/24 Michael Ben-Nes <michael at epoch.co.il>
> Hi everyone,
>
> I been asked to remove the adm group from one of the system I manage.
>
> What is the purpose of this group?
> Will the removal contribute to the general security of the OS?
>
>
Generally used for administrators in their non-privileged user, in order to
perform administrative jobs that relate to monitoring, reading logs from
/var/log - etc.
So you could put the admin user in this group, and every log file with adm
as the group would be readable by him (and chmod the logs to 640) - and not
to all the users on the system.
HTH,
-- Shimi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20110124/c9af186b/attachment.html>
More information about the Linux-il
mailing list