<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9"> <TITLE>Linux Security HOWTO: $B$h$/$"$k<ALd(B</TITLE> <LINK HREF="Security-HOWTO-13.html" REL=next> <LINK HREF="Security-HOWTO-11.html" REL=previous> <LINK HREF="Security-HOWTO.html#toc12" REL=contents> </HEAD> <BODY> <A HREF="Security-HOWTO-13.html">$B<!$N%Z!<%8(B</A> <A HREF="Security-HOWTO-11.html">$BA0$N%Z!<%8(B</A> <A HREF="Security-HOWTO.html#toc12">$BL\<!$X(B</A> <HR> <H2><A NAME="q-and-a"></A> <A NAME="s12">12. $B$h$/$"$k<ALd(B</A></H2> <P> <OL> <LI> $B%I%i%$%P$r%+!<%M%k$KD>@\AH$_9~$`$N$H(B, $B%b%8%e!<%k$H$7$F:n@.$9$k(B $B$N$G$O(B, $B$I$A$i$,0BA4$G$7$g$&$+(B? <P>$B2sEz(B: $B%b%8%e!<%k$rMQ$$$?%G%P%$%9%I%i%$%P$N%m!<%I5!G=$OL58z$K$7$F$*$/J}(B $B$,NI$$$H$$$&0U8+$N?M$b$$$^$9(B. $B$H$$$&$N$b(B, $B?/F~<T$,%H%m%$$NLZGO$r;E9~$s(B $B$@%b%8%e!<%k$d%7%9%F%`$N%;%-%e%j%F%#$K1F6A$rM?$($k%b%8%e!<%k$r%m!<%I$9(B $B$k$+$b$7$l$J$$$+$i$G$9(B. <P>$B$7$+$7(B, $B%b%8%e!<%k$rFI$_9~$`$?$a$K$O(B root $B$K$J$i$J$/$F$O$J$j$^$;$s(B. $B%b%8%e!<%k$N%*%V%8%'%/%H%U%!%$%k$r=q$-49$($k$3$H$,$G$-$k$N$b(B root $B$@$1(B $B$G$9(B. $B$D$^$j(B, $B?/F~<T$,%b%8%e!<%k$rAH$_9~$`$?$a$K$O(B, root $B8"8B$,I,MW$G(B $B$9(B. $B5U$K?/F~<T$,(B root $B8"8B$rF@$F$7$^$C$?$i(B, $B%b%8%e!<%k$r%m!<%I$9$k$+$I(B $B$&$+$H$$$&$3$H$h$j$b(B, $B$b$C$H?<9o$J;vBV$K$J$j$^$9(B. <P>$B%b%8%e!<%k$O$"$^$jIQHK$K;HMQ$7$J$$FCDj%G%P%$%9$rF0E*$KFI$_9~$`$?$a$N;E(B $BAH$_$G$9(B. $BNc$($P%5!<%P%^%7%s$dKI2PJI$J$I$G$O(B, $B$3$&$$$&$3$H$O$"$^$j5/$3(B $B$j$^$;$s(B. $B=>$C$F(B, $B%5!<%P$H$7$FF0$+$9%^%7%s$G$O(B, $B%+!<%M%k$KD>@\%I%i%$%P(B $B$rAH$_9~$`J}$,NI$$$G$7$g$&(B. $B$^$?(B, $B%b%8%e!<%k$r;H$&$HD>@\%+!<%M%k$KAH$_(B $B9~$`>l9g$h$j$bF0:n$,CY$/$J$j$^$9(B. <P> </LI> <LI> $B%j%b!<%H$N%^%7%s$+$i(B root $B$G%m%0%$%s$G$-$^$;$s(B. <P>$B2sEz(B: <A HREF="Security-HOWTO-4.html#root-security">root $B$N%;%-%e%j%F%#(B</A>$B$N>O$rFI$_$^$7$g$&(B. $B$3$l$O%j%b!<%H$N%f!<%6$,(B <CODE>telnet</CODE> $B$G(B <CODE>root</CODE> $B$H$7$F%m%0%$%s$7$h$&$H$9$k$N$rKI$0$?$a(B, $B$o$6$H$=$&$7$F$$$k$N$G$9(B. <CODE>root</CODE> $B$H$7$F(B <CODE>telnet</CODE> $B$G%m%0%$%s$9$k$N$O(B $B%;%-%e%j%F%#E*$KHs>o$K4m81$J$3$H$G$9(B. $B%k!<%H$N%Q%9%o!<%I$,J?J8$N$^$^(B ($B0E9f2=$5$l$:$K(B) $B%M%C%H%o!<%/$KAw=P$5$l$F$7$^$&$G$7$g$&(B. $B?/F~<T$K$J$k2DG=@-$r;}$C$??M$O>o$K$"$J$?$N$=$P$K$$$F(B, $B%Q%9%o!<%I$rEp$`$?$a$N%W%m%0%i%`$r<+F0E*$KF0$+$7$F$$$k$3$H$rK:$l$F$O$J$j$^$;$s(B. <P> </LI> <LI> Red Hat Linux 4.2, 5.x $B$G%7%c%I%&%Q%9%o!<%I$r;H$&$K$O$I$&$9$l$PNI$$$G$7$g$&(B? <P>$B2sEz(B: <P>$B%7%c%I%&%Q%9%o!<%I$rM-8z$K$9$k$K$O(B, root $B$G(B <CODE>pwconv</CODE> $B$r<B9T$7$^$9(B. <CODE>/etc/shadow</CODE> $B$,B8:_$7(B, $B%"%W%j%1!<%7%g%s$,$3$l$KBP1~$7$F$$$J$1$l$P$$$1$^$;$s(B. Red Hat 4.2 $B0J9_$r$4MxMQ$J$i(B, $BB>$KJQ99$9$k$3$H$J$/(B, PAM $B%b%8%e!<%k$,<+F0E*$K(B $BIaDL$N(B <CODE>/etc/passwd</CODE> $B$+$i%7%c%I%&%Q%9%o!<%I$X$N0\9T$KDI=>$7$F$/$l$^$9(B. <P>$BGX7J@bL@(B: $B%7%c%I%&%Q%9%o!<%I$O(B, $BI8=`$N(B <CODE>/etc/passwd</CODE> $B%U%!%$%k0J30$N(B $B%U%!%$%k$K%Q%9%o!<%I$r3JG<$9$k5!9=$G$9(B. $B$3$l$K$O$$$/$D$+$NMxE@$,$"$j$^(B $B$9(B. $B:G=i$NMxE@$O(B, $B%7%c%I%&%U%!%$%k(B <CODE>/etc/shadow</CODE> $B$OC/$G$bFI$a$J(B $B$1$l$P$J$i$J$$(B <CODE>/etc/passwd</CODE> $B%U%!%$%k$H0[$J$j(B, root $B$7$+FI$_=P(B $B$;$J$$E@$G$9(B. $BJL$NMxE@$O(B, $B4IM}<T$H$7$F(B, $BB>$N%f!<%6%"%+%&%s%H$N>uBV$rC/(B $B$K$bCN$i$;$J$$$^$^(B, $B%"%+%&%s%H$rM-8z$^$?$OL58z$K$G$-$k$3$H$G$9(B. <P>$B%7%c%I%&%Q%9%o!<%I$r;H$C$F$$$F$b(B, $B%f!<%6$d%0%k!<%WL>$N3JG<$K$O(B <CODE>/etc/passwd</CODE> $B%U%!%$%k$,;H$o$l$^$9(B. $B$3$N%U%!%$%k$O(B, <CODE>/bin/ls</CODE> $BEy$N%W%m%0%i%`$,%G%#%l%/%H%jI=<($N:]$K%f!<%6(B ID $B$rE,(B $B@Z$J%f!<%6L>$KJQ49$9$k$?$a$K;H$$$^$9(B. <P><CODE>/etc/shadow</CODE> $B%U%!%$%k$K$O(B, $B%f!<%6L>$H%Q%9%o!<%I$H%"%+%&%s%H$N(B $BM-8z4|8B$J$I$N%"%+%&%s%H>pJs$@$1$,4^$^$l$F$$$^$9(B. <P>$B%7%c%I%&%Q%9%o!<%I$rM-8z$K$9$k$?$a$K$O(B, root $B$K$J$C$F(B <CODE>pwconv</CODE> $B%3%^%s%I$r$r<B9T$7$^$9(B. $B$9$k$H(B <CODE>/etc/shadow</CODE> $B%U%!%$%k$,:n$i$l(B, $B%"%W%j%1!<%7%g%s$K;H$o$l$k$h$&$K$J$j$^$9(B. Red Hat 4.2 $B0J9_$G$O(B, $BDL>o$N(B <CODE>/etc/passwd</CODE> $B%U%!%$%k$+$i%7%c%I%&%Q%9%o!<%I$X$NJQ99$X$NE,9g$O(B PAM $B%b%8%e!<%k$,<+F0E*$K9T$$$^$9(B. $BB>$NJQ99$OA4$/I,MW$"$j$^$;$s(B. <P>$B%Q%9%o!<%I$N0BA4$r9M$($F$$$l$P(B, $B$?$V$s%Q%9%o!<%I$b:G=i$+$iNI$$$b$N$r(B $B:n$m$&$H;W$&$G$7$g$&(B. $B$3$l$r9T$&$?$a$K(B PAM $B$N0lIt$G$"$k(B `pam_cracklib' $B%b%8%e!<%k$,MxMQ$G$-$^$9(B. $B$3$l$O%Q%9%o!<%I$KBP$7$F(B Crack $B%i%$%V%i%j$rE,MQ$7(B, $B%Q%9%o!<%I%/%i%C%-%s%0%W%m%0%i%`$K$h$C$F4JC1(B $B$K?dB,$5$l$J$$$+$I$&$+D4$Y$k$3$H$,$G$-$^$9(B. <P> </LI> <LI> Apache $B$N(B SSL $B3HD%$O$I$&$d$C$FM-8z$K$9$k$N$G$9$+(B? <P>$B2sEz(B: <P> <OL> <LI>$B%P!<%8%g%s(B 0.8.0 $B0J9_$N(B SSLeay $B$r(B <A HREF="ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL">ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL</A> $B$+$iF~<j$7$^$9(B<P> </LI> <LI>$B$3$l$r%3%s%Q%$%k(B, $B%F%9%H(B, $B$=$7$F%$%s%9%H!<%k$7$^$9(B<P> </LI> <LI>Apache 1.2.5 $B$N%=!<%9$rF~<j$7$^$9(B<P> <A HREF="ftp://ftp.ox.ac.uk/pub/crypto/SSL/apache_1.2.5+ssl_1.13.tar.gz">$B$3$3(B</A> $B$+$i(B Apache SSLeay $B3HD%$rF~<j$7$^$9(B <P> </LI> <LI>$B$3$l$r(B Apache 1.2.5 $B$N%=!<%9%G%#%l%/%H%j$GE83+$7(B, README $B$K=>$C$F%Q%C(B $B%A$rEv$F$^$9(B<P> </LI> <LI>$B@_Dj$H%3%s%Q%$%k$r9T$$$^$9(B<P> </LI> </OL> <P> <A HREF="http://www.zedz.com">ZEDZ net</A> $B$+$i3F<o%P%$%J%j%Q%C%1!<%8$rF~<j$9$k$3$H$b$G$-$^$9(B. $B$3$l$O%"%a%j%+9q30$K$"$j$^$9(B. <P> </LI> <LI> $B%;%-%e%j%F%#$r3NJ]$7$?$^$^$G(B, $B%f!<%6%"%+%&%s%H$r=hM}$9$k$K$O$I(B $B$&$9$l$PNI$$$G$7$g$&(B? <P>$B2sEz(B: Red Hat $B%G%#%9%H%j%S%e!<%7%g%s(B, $BFC$K(B Red Hat 5.0 $B$K$O(B, $B%f!<%6%"%+%&%s%H$N>uBV$rJQ99$9$k%D!<%k$,$?$/$5$sF~$C$F$$$^$9(B. <P> <UL> <LI>$B%7%c%I%&%Q%9%o!<%I$HHs%7%c%I%&%Q%9%o!<%I$rAj8_JQ49$9$k(B <CODE>pwconv</CODE> $B$H(B <CODE>unpwconv</CODE></LI> <LI><CODE>passwd</CODE> $B%U%!%$%k$H(B <CODE>group</CODE> $B%U%!%$%k$N9=@.$,@5$7$$(B $B$+$I$&$+8!::$9$k(B <CODE>pwck</CODE> $B$H(B <CODE>grpck</CODE></LI> <LI>$B%f!<%6%"%+%&%s%H$NDI2C(B, $B:o=|(B, $BJQ99$r9T$&(B <CODE>useradd</CODE>, <CODE>usermod</CODE>, <CODE>userdel</CODE>. $B%0%k!<%W$K$D$$$FF1MM$N:n6H$r9T$&$?(B $B$a$N(B <CODE>groupadd</CODE>, <CODE>gropumod</CODE>, <CODE>groupdel</CODE></LI> <LI>$B%0%k!<%W$K%Q%9%o!<%I$r@_Dj$9$k(B <CODE>gpasswd</CODE></LI> </UL> <P>$B$3$l$i$N%W%m%0%i%`$OA4$F!V%7%c%I%&BP1~!W$G$9(B. $B$D$^$j(B, $B%7%c%I%&%Q%9%o!<(B $B%I$,M-8z$G$"$l$P(B, <CODE>/etc/shadow</CODE> $B$N%Q%9%o!<%I>pJs$r;2>H$7(B, $BM-8z(B $B$G$J$1$l$P$3$N%U%!%$%k$O;2>H$7$^$;$s(B. <P>$B>\$7$/$O(B, $B$=$l$>$l$N%3%^%s%I$N%*%s%i%$%s%^%K%e%"%k$r;2>H$7$F$/$@$5$$(B. <P> </LI> <LI> Apache $B$GFCDj$N(B HTML $B$r%Q%9%o!<%I$GJ]8n$9$k$K$O$I$&$9$l$P$h$$(B $B$G$7$g$&$+(B? <P> <A HREF="http://www.apacheweek.com">http://www.apacheweek.org</A> $B$N$3$H$r$4B8$8$J$$$G$7$g$&(B? <P>$B%f!<%6G'>Z$K$D$$$F$O(B, <A HREF="http://www.apacheweek.com/features/userauth">http://www.apacheweek.com/features/userauth</A> $B$K>pJs$,$"$j$^$9$7(B, $B%&%'%V%5!<%P$K4X$9$k$=$NB>$N%R%s%H$b(B <A HREF="http://www.apache.org/docs/misc/security_tips.html">http://www.apache.org/docs/misc/security_tips.html</A> $B$K$"$j$^$9(B. </LI> </OL> <HR> <A HREF="Security-HOWTO-13.html">$B<!$N%Z!<%8(B</A> <A HREF="Security-HOWTO-11.html">$BA0$N%Z!<%8(B</A> <A HREF="Security-HOWTO.html#toc12">$BL\<!$X(B</A> </BODY> </HTML>