Useful Links
Computer Science
Operating Systems
Linux
Linux Security
1. Introduction to Linux Security
2. User and Group Management
3. Filesystem and Data Security
4. Mandatory Access Control (MAC) Frameworks
5. Network Security
6. System Auditing, Logging, and Monitoring
7. System Hardening
8. Advanced Security Topics
Filesystem and Data Security
Standard File Permissions
Permission Types
Read Permission
Write Permission
Execute Permission
Permission Representation
Symbolic Notation
Octal Notation
Binary Representation
Permission Management
chmod Command
umask Configuration
Default Permissions
Permission Inheritance
Ownership Management
chown Command
chgrp Command
Ownership Inheritance
Security Implications
Special File Permissions
Set User ID (SUID)
Functionality and Purpose
Security Implications
Identifying SUID Files
Common SUID Programs
SUID Security Risks
Set Group ID (SGID)
File SGID Behavior
Directory SGID Behavior
Group Inheritance
Identifying SGID Files
Sticky Bit
Directory Protection
Shared Directory Usage
Identifying Sticky Bit
Common Applications
Access Control Lists (ACLs)
ACL Concepts
Extended Permissions
ACL Types
Mask Calculations
Viewing ACLs
getfacl Command
ACL Output Interpretation
Default ACL Display
Setting ACLs
setfacl Command
User-specific Permissions
Group-specific Permissions
Default ACLs
ACL Inheritance
ACL Management
Modifying Existing ACLs
Removing ACLs
Copying ACLs
Backup and Restore
Extended File Attributes
Attribute Types
Immutable Attribute
Append-only Attribute
No-dump Attribute
Secure Deletion Attribute
Managing Attributes
chattr Command
Attribute Syntax
Recursive Operations
Viewing Attributes
lsattr Command
Attribute Display
Filtering Options
Filesystem Security Features
Mount Options
noexec Option
nosuid Option
nodev Option
ro Option
Security Implications
Filesystem Types
ext4 Security Features
XFS Security Features
Btrfs Security Features
ZFS Security Features
Data Encryption
Full Disk Encryption
LUKS Setup
Key Management
Header Backup
Performance Considerations
Encrypted Home Directories
User-specific Encryption
Automatic Mounting
Key Derivation
File-level Encryption
eCryptfs
Setup and Configuration
Directory Encryption
Key Management
fscrypt
Policy Management
Key Derivation
Performance Optimization
Encryption Tools
GnuPG
Symmetric Encryption
Asymmetric Encryption
Key Management
Digital Signatures
OpenSSL
File Encryption
Certificate Management
Hash Functions
Previous
2. User and Group Management
Go to top
Next
4. Mandatory Access Control (MAC) Frameworks