<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Linux Security HOWTO: �$B%U%!%$%k$H%U%!%$%k%7%9%F%`$N%;%-%e%j%F%#�(B</TITLE>
<LINK HREF="Security-HOWTO-6.html" REL=next>
<LINK HREF="Security-HOWTO-4.html" REL=previous>
<LINK HREF="Security-HOWTO.html#toc5" REL=contents>
</HEAD>
<BODY>
<A HREF="Security-HOWTO-6.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="Security-HOWTO-4.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="Security-HOWTO.html#toc5">�$BL\<!$X�(B</A>
<HR>
<H2><A NAME="file-security"></A> <A NAME="s5">5. �$B%U%!%$%k$H%U%!%$%k%7%9%F%`$N%;%-%e%j%F%#�(B</A></H2>
<P>�$B%7%9%F%`$r%M%C%H%o!<%/$K7R$0A0$K>/$7=`Hw$H7W2h$r9T$&$@$1$G�(B,
�$B%7%9%F%`$H$=$NCf$N%G!<%?$r<i$k$N$KLrN)$D$G$7$g$&�(B.
<UL>
<LI>�$B%f!<%6$N%[!<%`%G%#%l%/%H%j$K�(B
SUID/SGID �$B$7$?%W%m%0%i%`$rCV$$$F<B9T$5$;$kM}M3$OA4$/$"$j$^$;$s�(B.
root �$B0J30$N%f!<%6$,=q$-9~$_2DG=$J%Q!<%F%#%7%g%s$KBP$7$F$O�(B
<CODE>/etc/fstab</CODE> �$B$G�(B <CODE>nosuid</CODE> �$B%*%W%7%g%s$r;H$$$^$7$g$&�(B.
�$B$^$?�(B, �$B%f!<%6$N%[!<%`%Q!<%F%#%7%g%s$d�(B <CODE>/var</CODE>
�$B$G$O�(B <CODE>nodev</CODE> �$B$d�(B <CODE>noexec</CODE> �$B$r;H$*$&$H9M$($k$+$b$7$l$^$;$s�(B.
�$B$3$l$i$N%*%W%7%g%s$O%W%m%0%i%`$N<B9T$d�(B,
�$B%-%c%i%/%?%G%P%$%9!&%V%m%C%/%G%P%$%9$N:n@.$r6X;_$7$^$9�(B.
�$B$3$l$i$O$$$:$l$K$;$hI,MWL5$$$O$:$G$9�(B. </LI>
<LI>NFS �$B$rMQ$$$F%U%!%$%k%7%9%F%`$r%(%/%9%]!<%H$7$F$$$k>l9g$OI,$:�(B,
�$B%"%/%;%9$r$G$-$k8B$j87$7$/@_Dj$7$F$/$@$5$$�(B.
�$B$D$^$j�(B <CODE>/etc/exports</CODE> �$B$G$G$-$k8B$j87$7$$%"%/%;%9@)8B$r9T$C$F$/$@$5$$�(B.
�$B$3$l$O%o%$%k%I%+!<%I$r;H$o$J$$$3$H�(B,
root �$B$G$N=q$-9~$_%"%/%;%9$r5v2D$7$J$$$3$H�(B,
�$B$G$-$k8B$jFI$_<h$j@lMQ$G%(%/%9%]!<%H$9$k$H$$$&$3$H$G$9�(B.</LI>
<LI>�$B%U%!%$%k:n@.$N�(B <CODE>umask</CODE> �$B$r$G$-$k8B$j87$7$/@_Dj$7$F$/$@$5$$�(B.
<A HREF="#umask">umask �$B$N@_Dj�(B</A> �$B$r$4Mw$/$@$5$$�(B. </LI>
<LI>NFS �$BEy$N%M%C%H%o!<%/%U%!%$%k%7%9%F%`$rMQ$$$F�(B
�$B%U%!%$%k%7%9%F%`$r%^%&%s%H$7$F$$$k$J$i$P�(B,
�$BI,$:�(B /etc/exports �$B$GE,@Z$J@)8B$rIU$1$?@_Dj$K$7$F$/$@$5$$�(B.
�$BIaDL$O�(B `nodev', `nosuid', �$B$=$l$+$iB?J,�(B `noexec' �$B$,K>$^$7$$$G$7$g$&�(B.</LI>
<LI>�$B%G%U%)%k%H$N�(B <CODE>unlimited</CODE> �$B$rG'$a$k$N$G$O$J$/�(B,
�$B%U%!%$%k%7%9%F%`$K@)8BCM$r@_Dj$7$^$7$g$&�(B.
�$B%j%=!<%9@)8B$r9T$&�(B PAM �$B%b%8%e!<%k$H�(B
<CODE>/etc/pam.d/limits.conf</CODE> �$B$r;H$C$F�(B,
�$B%f!<%6JL$K@)8f$9$k$3$H$,$G$-$^$9�(B.
�$BNc$($P�(B, �$B%0%k!<%W�(B <CODE>users</CODE> �$B$N@)8B$O0J2<$N$h$&$K$J$j$^$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
@users hard core 0
@users hard nproc 50
@users hard rss 5000
</PRE>
</CODE></BLOCKQUOTE>
<P>�$B$3$N@_Dj$O�(B, �$B%3%"%U%!%$%k$N:n@.$r6X;_$7�(B, �$B%W%m%;%9$N?t$r�(B 50 �$B$K@)8B$7�(B,
�$B%a%b%j$N;HMQNL$r%f!<%6�(B 1 �$B?M$"$?$j�(B 5MB �$B$K@)8B$9$k$b$N$G$9�(B.
<P>
</LI>
<LI><CODE>/var/log/wtmp</CODE>, <CODE>/var/run/utmp</CODE> �$B%U%!%$%k$K$O�(B,
�$B%7%9%F%`$NA4$F$N%f!<%6$N%m%0%$%s5-O?$,5-O?$5$l$F$$$^$9�(B.
�$B$3$N%U%!%$%k$O@dBP$$$8$i$l$J$$$h$&$K$7$J$/$F$O$J$j$^$;$s�(B.
�$B$H$$$&$N$b�(B, �$B$3$N%U%!%$%k$r;H$C$F%f!<%6�(B (�$B$"$k$$$O?/F~<T$G$"$k2DG=@-$,$"$k?M�(B)
�$B$,$$$D�(B, �$B$I$3$+$i%7%9%F%`$KF~$C$?$N$+$rCN$k$3$H$,$G$-$k$+$i$G$9�(B.
�$B$3$N%U%!%$%k$N%Q!<%_%C%7%g%s$O�(B 644 �$B$K$9$Y$-$G$9�(B.
�$B$3$N@_Dj$ODL>o$N%7%9%F%`A`:n$K1F6A$rM?$($^$;$s�(B.
<P>
</LI>
<LI>immutable �$B%S%C%H$r;H$&$H�(B,
�$B<i$i$J$/$F$O$J$i$J$$%U%!%$%k$r;v8N$G>C$7$?$j>e=q$-$9$k$3$H$rKI$0$3$H$,$G$-$^$9�(B.
�$B$3$N%S%C%H$r;H$C$F�(B,
�$BC/$+$,$3$N%U%!%$%k$KBP$9$k%7%s%\%j%C%/%j%s%/$r:n@.$9$k$N$rKI$0$3$H$b$G$-$^$9�(B
(�$B$3$&$$$C$?%7%s%\%j%C%/%j%s%/$O:#$^$G�(B <CODE>/etc/passwd</CODE> �$B$d�(B
<CODE>/etc/shadow</CODE> �$B$N:o=|$r4^$`967b$N<jCJ$H$J$C$F$-$^$7$?�(B).
immutable �$B%S%C%H$N>pJs$K$D$$$F$O�(B,
�$B%*%s%i%$%s%^%K%e%"%k$N�(B <CODE>chattr(1)</CODE> �$B$r;2>H$7$F$/$@$5$$�(B.
<P>
</LI>
<LI>SUID, SGID �$B$5$l$?%U%!%$%k$,%7%9%F%`$K$"$k$H�(B
�$B%;%-%e%j%F%#$K$H$C$F$O@x:_E*$K4m81$J$N$G�(B,
�$B$3$l$i$N%U%!%$%k$O$-$A$s$H4F;k$7$F$$$J$1$l$P$J$j$^$;$s�(B.
�$B$3$N$h$&$J%W%m%0%i%`$O<B9T$7$?%f!<%6$KFCJL$J8"8B$rM?$($k$N$G�(B,
�$B0BA4$G$J$$%W%m%0%i%`$,@dBP$K%$%s%9%H!<%k$5$l$J$$$h$&$K$9$kI,MW$,$"$j$^$9�(B.
�$B%/%i%C%+!<$,9%$s$G;H$&%H%j%C%/$H$7$F�(B, root �$B$K�(B SUID �$B$5$l$?%W%m%0%i%`$r$$$8$j�(B,
�$B85$N%;%-%e%j%F%#%[!<%k$,:I$,$l$F$b<!2s$K;H$($kN"8}$H$7$F�(B,
SUID �$B$5$l$?%W%m%0%i%`$r;D$7$F$*$/J}K!$,$"$j$^$9�(B.
<P>�$B%7%9%F%`>e$N�(B SUID/SGID �$B$5$l$?%W%m%0%i%`$rA4$F8+$D$1�(B,
�$B$=$l$i$,$I$&$J$C$F$$$k$+$r4F;k$7$^$9�(B.
�$B?/F~<T$N2DG=@-$r<($9$3$l$i$N%U%!%$%k$NJQ2=$KCm0U$7$F$/$@$5$$�(B.
�$B%7%9%F%`>e$N�(B SUID/SGID �$B$5$l$?%W%m%0%i%`$rA4$F8+$D$1$k$K$O�(B
�$B0J2<$N%3%^%s%I$r;H$$$^$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
root# find / -type f \( -perm -04000 -o -perm -02000 \)
</PRE>
</CODE></BLOCKQUOTE>
<P>Debian �$B%G%#%9%H%j%S%e!<%7%g%s$O�(B,
SUID �$B$5$l$?%U%!%$%k$,B8:_$9$k$+$I$&$+$rD4$Y$k%8%g%V$rKhHU<B9T$7$^$9�(B.
�$B$=$7$F�(B, �$B$3$l$r:rHU$N<B9T7k2L$HHf3S$7$^$9�(B.
�$B$3$N%m%0$O�(B <CODE>/var/log/setuid*</CODE> �$B$G;2>H$G$-$^$9�(B.
<P>�$B2x$7$$%W%m%0%i%`$O�(B <CODE>chmod</CODE> �$B$r;H$C$F�(B
SUID �$B$d�(B SGID �$B$N%Q!<%_%C%7%g%s$r<h$j=|$/$3$H$,$G$-$^$9�(B.
�$B$I$&$7$F$bI,MW$@$H;W$C$?;~$K$O%Q!<%_%C%7%g%s$rLa$9$3$H$b$G$-$^$9�(B.
<P>
</LI>
<LI>�$BA4$F$N%f!<%6!<$,=q$-9~$_2DG=$J%U%!%$%k�(B(�$BFC$K%7%9%F%`%U%!%$%k�(B)�$B$O�(B,
�$B%/%i%C%+!<$,$"$J$?$N%7%9%F%`$K%"%/%;%9$7$F�(B, �$B=$@5$9$k$3$H$K$h$j�(B
�$B%;%-%e%j%F%#%[!<%k$H$J$j$($^$9�(B. �$B$5$i$K�(B,
�$BC/$b$,=q$-9~$a$k%G%#%l%/%H%j$H$$$&$b$N$b�(B,
�$B%/%i%C%+!<$,<+M3$K%U%!%$%k$NDI2C!&:o=|$,$G$-$k$?$a4m81$G$9�(B.
�$B%7%9%F%`>e$K$"$k$3$N$h$&$J%U%!%$%k$N0LCV$rFCDj$9$k$K$O�(B,
�$B0J2<$N%3%^%s%I$r;H$$$^$9�(B:<P>
<BLOCKQUOTE><CODE>
<PRE>
root# find / -perm -2 ! -type l -ls
</PRE>
</CODE></BLOCKQUOTE>
�$B$=$l$+$i�(B, �$B$I$&$7$F$3$l$i$N%U%!%$%k$,=q$-9~$_2DG=$K$J$C$?$N$+$r3N$+$a$F$/$@$5$$�(B.
�$BIaDL$KA`:n$7$F$$$k>l9g$G$b�(B,
<CODE>/dev</CODE> �$B$N$$$/$D$+$N%U%!%$%k$d%7%s%\%j%C%/%j%s%/Ey$r4^$a$F�(B,
�$BC/$G$b=q$-9~$a$k%U%!%$%k$,$$$/$D$+$"$j$^$9�(B.
�$B$7$?$,$C$F�(B, <CODE>! -type l</CODE> �$B$rMQ$$$F�(B,
�$B@h$N�(B <CODE>find</CODE> �$B%3%^%s%I$N7k2L$+$i$3$l$i$r<h$j=|$$$F$/$@$5$$�(B.
</LI>
<LI><P>�$B=jM-<T$N$$$J$$%U%!%$%k$b?/F~<T$,%7%9%F%`$K%"%/%;%9$7$?2DG=@-$r<($7$^$9�(B.
�$B=jM-<T$,$$$J$$%U%!%$%k$d�(B, �$B$I$N%0%k!<%W$K$bB0$7$F$$$J$$%U%!%$%k$O�(B,
�$B0J2<$N%3%^%s%I$G8+$D$1$k$3$H$,$G$-$^$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
root# find / -nouser -o -nogroup -print
</PRE>
</CODE></BLOCKQUOTE>
<P>
</LI>
<LI><CODE>.rhosts</CODE> �$B%U%!%$%k$r8+$D$1$k$3$H$b�(B,
�$B%7%9%F%`4IM}<T$NF|>o6HL3$N0lIt$G$9�(B.
�$B$3$N%U%!%$%k$r%7%9%F%`$K@_CV$9$k$N$O5v2D$9$Y$-$G$J$$$+$i$G$9�(B.
�$B%/%i%C%+!<$,%M%C%H%o!<%/A4BN$K%"%/%;%9$9$k2DG=@-$rF@$k$?$a$K$O�(B,
�$B0BA4$G$J$$%"%+%&%s%H$,�(B 1 �$B$D$@$1$"$l$PNI$$$H$$$&$3$H$rK:$l$J$$$G$/$@$5$$�(B.
�$B%7%9%F%`>e$NA4$F$N�(B <CODE>.rhosts</CODE>
�$B%U%!%$%k$O0J2<$N%3%^%s%I$G8+$D$1$k$3$H$,$G$-$^$9�(B:
<BLOCKQUOTE><CODE>
<PRE>
root# find /home -name .rhosts -print
</PRE>
</CODE></BLOCKQUOTE>
</LI>
<LI><P>�$B:G8e$K$J$j$^$9$,�(B, �$B%7%9%F%`%U%!%$%k$N%Q!<%_%C%7%g%s$NJQ99$O�(B,
�$B$7$h$&$H$7$F$$$k$3$H$rI,$:M}2r$7$F$+$i$K$7$F$/$@$5$$�(B.
�$B2?$+$rF0$+$9$?$a$N3Z$JJ}K!$@$+$i$H$$$C$F�(B,
�$B%U%!%$%k$N%Q!<%_%C%7%g%s$rJQ$($F$O$$$1$^$;$s�(B.
�$B%Q!<%_%C%7%g%s$rJQ$($kA0$K$O�(B,
�$B%U%!%$%k$N%Q!<%_%C%7%g%s$,$=$&$J$C$F$$$kM}M3$rI,$:M}2r$7$F$/$@$5$$�(B.
<P>
</LI>
</UL>
<H2><A NAME="umask"></A> <A NAME="ss5.1">5.1 umask �$B$N@_Dj�(B</A>
</H2>
<P><CODE>umask</CODE> �$B%3%^%s%I$r;H$C$F�(B,
�$B%7%9%F%`$N%G%U%)%k%H$N%U%!%$%k@8@.%b!<%I$r7h$a$k$3$H$,$G$-$^$9�(B.
umask �$BCM$O@_Dj$7$?$$%U%!%$%k%b!<%I$N�(B 8 �$B?J?t$G$NJd?t$K$J$j$^$9�(B.
�$B%Q!<%_%C%7%g%s$K4X$9$k;XDj$r2?$b9T$o$:$K%U%!%$%k$r@8@.$9$k$H�(B,
�$B%Q!<%_%C%7%g%s$rM?$($k$Y$-$G$J$$2?<T$+$KBP$7$F�(B
�$BFI$_=q$-$N%Q!<%_%C%7%g%s$r0U?^$;$:$KM?$($F$7$^$&$+$b$7$l$^$;$s�(B.
�$BDL>o$O�(B <CODE>umask</CODE> �$BCM$N@_Dj$O�(B <CODE>022</CODE>, <CODE>027</CODE>, <CODE>077</CODE>
�$B$G$9�(B. <CODE>077</CODE> �$B$O:G$b87$7$$@_Dj$G$9�(B. �$BDL>o$O�(B umask �$BCM$O�(B
<CODE>/etc/profile</CODE> �$B$G@_Dj$5$l�(B, �$B%7%9%F%`$NA4%f!<%6$KE,MQ$5$l$^$9�(B.
�$B%U%!%$%k@8@.%^%9%/$O�(B,
777 �$B$+$i4uK>$NCM$r0z$-;;$9$k$3$H$K$h$C$F7W;;$9$k$3$H$,$G$-$^$9�(B.
�$B8@$$49$($k$H�(B, umask �$BCM$,�(B 777 �$B$G$"$l$P�(B,
�$B?7$7$/@8@.$5$l$k%U%!%$%k$OC/$KBP$7$F$b�(B
�$BFI$_=q$-$H<B9T$N%Q!<%_%C%7%g%s$r;}$A$^$;$s�(B. �$B%^%9%/$,�(B
666 �$B$J$i$P�(B, �$B?7$7$/@8@.$5$l$k%U%!%$%k$N%b!<%I$O�(B 111 �$B$H$J$j$^$9�(B.
�$BNc$($P�(B, �$B0J2<$N$h$&$J9T$r@_Dj$G$-$^$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
# Set the user's default umask
umask 033
</PRE>
</CODE></BLOCKQUOTE>
�$B$?$@$7�(B, root �$B%f!<%6$N�(B umask �$BCM$OI,$:�(B <CODE>077</CODE> �$B$K$7$F$/$@$5$$�(B.
�$B$3$&$7$F$*$/$H�(B, <CODE>chmod</CODE> �$B$r;H$C$FL@<(E*$KJQ$($J$$8B$j�(B,
�$BB>$N%f!<%6$NFI$_=q$-$H<B9T$OL58z$K$J$j$^$9�(B.
umask �$BCM$K�(B 033 �$B$r@_Dj$7$?>l9g$K$O�(B, �$B?7$7$/@8@.$5$l$k%G%#%l%/%H%j$N%Q!<%_%C%7%g%s$O�(B 744 �$B$K$J$j$^$9�(B.
�$B$3$NCM$O�(B 777 �$B$+$i�(B 033 �$B$r0z$$$FF@$i$l$?$b$N$G$9�(B.
umask �$BCM�(B 033 �$B$rMQ$$$F?7$7$/@8@.$5$l$k%U%!%$%k$O%Q!<%_%C%7%g%s�(B 644 �$B$r;}$A$^$9�(B.
<P>Red Hat �$B$r;H$C$F$*$j�(B, Red Hat �$B$N%f!<%6�(B ID, �$B%0%k!<%W�(B ID �$B$N:n@.J}K!�(B
(User Private Groups) �$B$K=>$&>l9g�(B, <CODE>umask</CODE> �$B$K$O�(B <CODE>002</CODE>
�$B$@$1@_Dj$7$F$$$l$P==J,$G$9�(B.
�$B$=$NM}M3$O�(B, �$B%G%U%)%k%H$N@_Dj$G�(B 1 �$B%0%k!<%W$K�(B 1 �$B%f!<%6$7$+$$$J$$$?$a$G$9�(B.
<P>
<H2><A NAME="ss5.2">5.2 �$B%U%!%$%k$N%Q!<%_%C%7%g%s�(B</A>
</H2>
<P>�$B%7%9%F%`4IM}$r9T$&$Y$-$G$J$$%f!<%6$d%0%k!<%W$N8"8B$G$O�(B
�$B%7%9%F%`%U%!%$%k$rJQ99$G$-$J$$$h$&$K$7$F$*$/$N$O=EMW$J$3$H$G$9�(B.
<P>UNIX �$B$O�(B �$B%U%!%$%k$H%G%#%l%/%H%j$N%"%/%;%9@)8f$r�(B 3 �$B$D$NFC@-�(B
(�$B=jM-<T�(B, �$B%0%k!<%W�(B, �$BA40w�(B)�$B$KJ,N%$7$F$$$^$9�(B.
�$B>o$K0l?M$@$1$r;X$9=jM-<T�(B,
�$BG$0U$N?M?t$r;X$;$k%0%k!<%W�(B, �$B$=$7$F$=$l0J30$NA40w$G$9�(B.
<P>�$B0J2<$G�(B UNIX �$B$N%Q!<%_%C%7%g%s$r4JC1$K@bL@$7$^$9�(B:
<P>�$B=jM-8"�(B (ownership) - �$B$"$k%N!<%I$d$=$N?F%N!<%I$N%Q!<%_%C%7%g%s@_Dj$r$I$N%f!<%6�(B,
�$B%0%k!<%W$,9T$&$3$H$,$G$-$k$N$+$r<($7$^$9�(B.
<P>�$B%Q!<%_%C%7%g%s�(B(permissions) - �$B%U%!%$%k$KBP$7$F9T$&$3$H$,$G$-$k�(B
�$B%"%/%;%9$N<oN`$r7h$a$k%S%C%HNs�(B.
�$BAH9g$;$,F1$8$G$b�(B, �$B%G%#%l%/%H%j$N%Q!<%_%C%7%g%s$O�(B
�$B%U%!%$%k$N%Q!<%_%C%7%g%s$H$O0UL#$,0[$J$k$3$H$,$"$j$^$9�(B.
<P>�$BFI$_=P$7�(B(read):
<UL>
<LI>�$B%U%!%$%k$NFbMF$r8+$k$3$H$,$G$-$k�(B</LI>
<LI>�$B%G%#%l%/%H%j$NFbMF$r8+$k$3$H$,$G$-$k�(B</LI>
</UL>
<P>�$B=q$-9~$_�(B(write):
<UL>
<LI>�$B%U%!%$%k$NFbMF$NDI2C�(B, �$B=$@5$,$G$-$k�(B</LI>
<LI>�$B%G%#%l%/%H%j$N%U%!%$%k$N>C5n$d%U%!%$%k0\F0$,$G$-$k�(B</LI>
</UL>
<P>�$B<B9T�(B(execute):
<UL>
<LI>�$B%P%$%J%j$N%W%m%0%i%`$d%7%'%k%9%/%j%W%H$r<B9T$G$-$k�(B</LI>
<LI>�$BFI$_=P$7$N%Q!<%_%C%7%g%s$HAH$_9g$o$;$F�(B,
�$B%G%#%l%/%H%jFb$rD4$Y$k$3$H$,$G$-$k�(B</LI>
</UL>
<P>
<DL>
<DT><B>�$B%F%-%9%HJ]B8B0@-�(B: (�$B%G%#%l%/%H%jMQ�(B)</B><DD><P>�$B%G%#%l%/%H%j$KE,MQ$9$k>l9g�(B,
�$B!V�(Bsticky �$B%S%C%H!W$N0UL#$O%U%!%$%k$KE,MQ$9$k>l9g$H0[$J$j$^$9�(B.
sticky �$B%S%C%H$,%G%#%l%/%H%j$K@_Dj$5$l$F$$$k>l9g$K:o=|$G$-$k%U%!%$%k$O�(B,
�$B$=$N%G%#%l%/%H%j$X$N=q$-9~$_8"8B$,$"$C$?$H$7$F$b�(B,
�$B<+J,$,=jM-$7$F$$$k%U%!%$%k$+�(B
�$BL@<(E*$K=q$-9~$_5v2D$,M?$($i$l$F$$$k%U%!%$%k$@$1$G$9�(B.
�$B$3$N%S%C%H$O�(B <CODE>/tmp</CODE> �$B$N$h$&$J%G%#%l%/%H%j$N$?$a$KMQ0U$5$l$?$b$N$G$9�(B.
�$B$3$N$h$&$J%G%#%l%/%H%j$OC/$G$b=q$-9~$_$O$G$-$^$9$,�(B,
�$BC/$G$b<+M3$K%U%!%$%k>C5n$rG'$a$k$N$OK>$^$7$/$"$j$^$;$s�(B.
�$B%G%#%l%/%H%j$r>\:YI=<($9$k$H�(B, sticky �$B%S%C%H$O�(B <CODE>t</CODE> �$B$GI=$5$l$^$9�(B.
</DL>
<P>
<DL>
<DT><B>SUID �$BB0@-�(B: (�$B%U%!%$%kMQ�(B)</B><DD><P>�$B$3$l$O%U%!%$%k$X$N�(B SUID �$B%Q!<%_%C%7%g%s$r<($7$^$9�(B.
�$B%f!<%6�(B ID �$B@_Dj%"%/%;%9%b!<%I$,=jM-<T$N%Q!<%_%C%7%g%s$G@_Dj$5$l$F$*$j�(B,
�$B$+$D$=$N%U%!%$%k$,<B9T2DG=$G$"$l$P�(B, �$B$3$l$r<B9T$7$?%W%m%;%9$O�(B,
�$B%W%m%;%9$r5/F0$7$?%f!<%6$G$O$J$/�(B,
�$B%U%!%$%k$r=jM-$7$F$$$k%f!<%6$K4p$E$$$F%7%9%F%`$N%j%=!<%9$K%"%/%;%9$G$-$^$9�(B.
�$B$3$l$O3F<o�(B 'buffer overflow' �$B967b$N860x$H$J$j$^$9�(B.
</DL>
<DL>
<DT><B>SGID �$BB0@-�(B: (�$B%U%!%$%kMQ�(B)</B><DD><P>�$B%0%k!<%W$N%Q!<%_%C%7%g%s$G@_Dj$5$l$F$$$l$P�(B,
�$B$3$N%S%C%H$O%U%!%$%k$N!V%0%k!<%W�(B ID �$B@_Dj!W>uBV$r@)8f$7$^$9�(B.
�$B$3$l$O�(B SUID �$B$HF1$8$h$&$KF0:n$7$^$9$,�(B,
�$B%f!<%6$G$O$J$/%0%k!<%W$,1F6A$r<u$1$kE@$,0[$J$j$^$9�(B.
�$B$3$N%S%C%H$K8z2L$r;}$?$;$k$?$a$K$O�(B,
�$B$d$O$j%U%!%$%k$O<B9T2DG=$G$J$1$l$P$$$1$^$;$s�(B.
</DL>
<P>
<DL>
<DT><B>SGID �$BB0@-�(B: (�$B%G%#%l%/%H%jMQ�(B)</B><DD><P>(<CODE>chmod g+s <I>directory</I></CODE> �$B$r9T$C$F�(B)
�$B%G%#%l%/%H%j$K�(B SGID �$B%S%C%H$r@_Dj$7$?>l9g�(B,
�$B$3$N%G%#%l%/%H%j$K:n$i$l$?%U%!%$%k$O�(B
�$B%G%#%l%/%H%j$N%0%k!<%W$K@_Dj$5$l$?%0%k!<%W$r;}$A$^$9�(B.
</DL>
<P>�$B$"$J$?�(B - �$B%U%!%$%k$N=jM-<T�(B
<P>�$B%0%k!<%W�(B - �$B$"$J$?$,=jB0$9$k%0%k!<%W�(B
<P>�$BA40w�(B - �$B=jM-<T$G$b%0%k!<%W$N%a%s%P$G$b$J$$�(B, �$B%7%9%F%`>e$NA40w�(B
<P>
<P><B>�$B%U%!%$%k$NNc�(B:</B>
<P>
<BLOCKQUOTE><CODE>
<PRE>
-rw-r--r-- 1 kevin users 114 Aug 28 1997 .zlogin
1�$BHVL\$N%S%C%H�(B - �$B%G%#%l%/%H%j$+�(B? (no)
2�$BHVL\$N%S%C%H�(B - �$B=jM-<T$,FI$_=P$;$k$+�(B? (yes, �$B%f!<%6�(B kevin �$B$,2DG=�(B)
3�$BHVL\$N%S%C%H�(B - �$B=jM-<T$,=q$-9~$a$k$+�(B? (yes, �$B%f!<%6�(B kevin �$B$,2DG=�(B)
4�$BHVL\$N%S%C%H�(B - �$B=jM-<T$,<B9T$G$-$k$+�(B? (no)
5�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$OFI$_=P$;$k$+�(B (yes, users �$B%0%k!<%W$,2DG=�(B)
6�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$O=q$-9~$a$k$+�(B? (no)
7�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$O<B9T$G$-$k$+�(B? (no)
8�$BHVL\$N%S%C%H�(B - �$BC/$G$bFI$_=P$;$k$+�(B? (yes, �$BC/$G$b2DG=�(B)
9�$BHVL\$N%S%C%H�(B - �$BC/$G$b=q$-9~$a$k$+�(B? (no)
10�$BHVL\$N%S%C%H�(B- �$BC/$G$b<B9T$G$-$k$+�(B? (no)
</PRE>
</CODE></BLOCKQUOTE>
<P>
<P>�$B0J2<$N9T$O�(B, �$B%"%/%;%98"$N@bL@$KI,MW$J:G>.8B$N%Q!<%_%C%7%g%s$r=8$a$?Nc$G$9�(B.
�$B<B:]$K$O�(B, �$B$3$3$K<($7$?0J>e$N%Q!<%_%C%7%g%s$rM?$($k$3$H$,I,MW$+$b$7$l$^$;$s$,�(B,
�$B$3$l$i$N%U%!%$%k$K4X$9$k:G>.8B$N%Q!<%_%C%7%g%s$,0UL#$9$k$H$3$m$O�(B
�$B<!$N$h$&$J$b$N$G$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
-r-------- �$B=jM-<T$KFI$_9~$_%"%/%;%9$r5v2D$7$^$9�(B
--w------- �$B=jM-<T$K%U%!%$%k$N=$@5$H:o=|$r5v2D$7$^$9�(B
(�$B$=$N%U%!%$%k$,F~$C$F$$$k%G%#%l%/%H%j$N=q$-9~$_%Q!<%_%C%7%g�(B
�$B%s$r;}$D%f!<%6$O�(B, �$B%U%!%$%k$N>e=q$-$d:o=|$r9T$&$3$H$,$G$-$^$9�(B)
---x------ �$B$3$N%W%m%0%i%`$N<B9T$r5v2D$7$^$9�(B. �$B%7%'%k%9%/%j%W%H$N>l9g$O�(B
�$B$3$l$@$1$G$OB-$j$:�(B, �$B$5$i$KFI$_9~$_%Q!<%_%C%7%g%s$,I,MW$G$9�(B.
---s------ �$B!V<B8z%f!<%6�(B ID = �$B=jM-<T!W$H$7$F<B9T$r9T$$$^$9�(B
-------s-- �$B!V<B8z%0%k!<%W�(B ID = �$B%0%k!<%W!W$H$7$F<B9T$r9T$$$^$9�(B
-rw------T �$B!V:G=*99?7;~9o!W$r99?7$7$^$;$s�(B. �$BDL>o$O%9%o%C%W%U%!%$%k$@$1�(B
�$B$K;H$$$^$9�(B.
---t------ �$BL50UL#$G$9�(B(�$B0JA0�(B sticky �$B%S%C%H$@$C$?$b$N$G$9�(B).
</PRE>
</CODE></BLOCKQUOTE>
<B>�$B%G%#%l%/%H%j$NNc�(B:</B>
<BLOCKQUOTE><CODE>
<PRE>
drwxr-xr-x 3 kevin users 512 Sep 19 13:47 .public_html/
1�$BHVL\$N%S%C%H�(B - �$B%G%#%l%/%H%j$+�(B? (yes, �$B$?$/$5$s$N%U%!%$%k$,$"$k�(B)
2�$BHVL\$N%S%C%H�(B - �$B=jM-<T$OFI$_=P$;$k$+�(B? (yes, �$B%f!<%6�(B kevin �$B$,2DG=�(B)
3�$BHVL\$N%S%C%H�(B - �$B=jM-<T$O=q$-9~$a$k$+�(B? (yes, �$B%f!<%6�(B kevin �$B$,2DG=�(B)
4�$BHVL\$N%S%C%H�(B - �$B=jM-<T$O<B9T$G$-$k$+�(B? (yes, �$B%f!<%6�(B kevin �$B$,2DG=�(B)
5�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$OFI$_=P$;$k$+�(B?(yes, users �$B%0%k!<%W$,2DG=�(B)
6�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$O=q$-9~$a$k$+�(B?(no)
7�$BHVL\$N%S%C%H�(B - �$B%0%k!<%W$O<B9T$G$-$k$+�(B?(yes, users �$B%0%k!<%W$,2DG=�(B)
8�$BHVL\$N%S%C%H�(B - �$BC/$G$bFI$_=P$7$G$-$k$+�(B?(yes, �$BC/$G$b2DG=�(B)
9�$BHVL\$N%S%C%H�(B - �$BC/$G$b=q$-9~$a$k$+�(B? (no)
10�$BHVL\$N%S%C%H�(B- �$BC/$G$b<B9T$G$-$k$+�(B? (yes, �$BC/$G$b2DG=�(B)
</PRE>
</CODE></BLOCKQUOTE>
<P>�$B0J2<$N9T$O�(B, �$B%"%/%;%98"$N@bL@$KI,MW$J:G>.8B$N%Q!<%_%C%7%g%s$r=8$a$?Nc$G$9�(B.
�$B<($7$?$b$N0J30$K$bB?$/$N%Q!<%_%C%7%g%s$,I,MW$@$H;W$&$+$b$7$l$^$;$s$,�(B,
�$B$3$l$O$3$l$i$N%U%!%$%k$KBP$9$k:G>.8B$N%Q!<%_%C%7%g%s$G5-=R$G$-$k$O$:$G$9�(B:
<P>
<BLOCKQUOTE><CODE>
<PRE>
dr-------- �$BFbMF$OI=<($G$-$^$9$,�(B, �$B%U%!%$%k$NB0@-$OFI$_=P$;$^$;$s�(B
d--x------ �$B%G%#%l%/%H%j$KF~$l�(B, �$B<B9T;~$K@dBP%Q%9$N0lIt$H$7$F;H$&$3$H$,�(B
�$B$G$-$^$9�(B.
dr-x------ �$B=jM-<T$,%U%!%$%kB0@-$rFI$_=P$9$3$H$,$G$-$^$9�(B
d-wx------ �$B%+%l%s%H%G%#%l%/%H%j$G$J$/$F$b�(B, �$B%U%!%$%k$N@8@.�(B/�$B:o=|$,9T$(�(B
�$B$^$9�(B
d------x-t �$B=q$-9~$_5v2D$,$"$C$F$bB>?M$O%U%!%$%k$r>C$9$3$H$r6X;_$7$^$9�(B.
/tmp �$B$G;H$o$l$^$9�(B.
d---s--s-- �$BL50UL#$G$9�(B.
</PRE>
</CODE></BLOCKQUOTE>
<P>�$B%7%9%F%`@_Dj%U%!%$%k�(B (�$BIaDL$O�(B <CODE>/etc</CODE> �$B$K$"$j$^$9�(B) �$B$ODL>o�(B,
�$B%b!<%I$,�(B <CODE>640</CODE> (-rw-r-----) �$B$G�(B, root �$B$,=jM-<T$G$9�(B.
�$B$3$l$O%5%$%H$K$*$1$k%;%-%e%j%F%#$NMW5a$K$7$?$,$C$FD4@0$9$k$3$H$,$G$-$^$9�(B.
�$B%7%9%F%`%U%!%$%k$O%0%k!<%W$N%a%s%P!<$J$$$7$OK|?M$K�(B
�$B=q$-9~$a$k$h$&$K$7$F$$$F$O$$$1$^$;$s�(B.
�$B0lIt$N%U%!%$%k�(B
(<CODE>/etc/shadow</CODE> �$BEy�(B) �$B$O�(B root �$B$K$7$+FI$a$J$$>uBV$G$J$1$l$P$J$j$^$;$s$7�(B,
�$B>/$J$/$H$b�(B <CODE>/etc</CODE> �$BFb$K$"$k%G%#%l%/%H%j$O�(B
�$B$=$NB>$N%f!<%6$,%"%/%;%9$G$-$F$O$$$1$^$;$s�(B.
<P>
<DL>
<DT><B>SUID �$B$5$l$?%7%'%k%9%/%j%W%H�(B</B><DD><P>SUID �$B$5$l$?%7%'%k%9%/%j%W%H$O%;%-%e%j%F%#$K=EBg$J4m81$r5Z$\$9$N$G�(B,
�$B%+!<%M%k$O$3$l$rL5;k$7$^$9�(B. �$B$=$N%7%'%k%9%/%j%W%H$,$I$l$@$10BA4$@$H;W$C$F$$$F$b�(B,
�$B%/%i%C%+!<$K�(B root �$B$N%7%'%k$rC%$o$l$F$7$^$&2DG=@-$,$"$j$^$9�(B.
</DL>
<P>
<H2><A NAME="ss5.3">5.3 �$B%7%9%F%`@09g@-$N%A%'%C%/�(B</A>
</H2>
<P>�$B%m!<%+%k$+$i$N�(B (�$B$=$7$F%M%C%H%o!<%/$+$i$N�(B)
�$B%7%9%F%`$KBP$9$k967b$rH/8+$9$kJL$NNI$$J}K!$O�(B,
<CODE>Tripwire</CODE>, <CODE>Aide</CODE>, <CODE>Osiris</CODE>
�$B$N$h$&$J�(B, �$B%7%9%F%`$,$$$8$i$l$F$$$J$$$+$I$&$+$r%A%'%C%/$9$k�(B
�$B%W%m%0%i%`$r<B9T$9$k$3$H$G$9�(B.
�$B$3$l$i$O=EMW$J%P%$%J%j$d@_Dj%U%!%$%kA4$F$N%A%'%C%/%5%`$r<h$j�(B,
�$B;2>HCM$H$7$F@5$7$$$3$H$,J,$+$C$F$$$k0JA0$NCM$N%G!<%?%Y!<%9$HHf3S$7$^$9�(B.
�$B$7$?$,$C$F�(B, �$B$3$l$i$N%U%!%$%k$NJQ99$OA4$FCN$k$3$H$,$G$-$^$9�(B.
<P>�$B$3$N<j$N%W%m%0%i%`$r%U%m%C%T!<%G%#%9%/$K%$%s%9%H!<%k$7�(B,
�$B$3$N%U%m%C%T!<$rJ*M}E*$K=q$-9~$_6X;_$K$7$F$*$/$H$h$$$G$7$g$&�(B.
�$B$3$&$7$F$*$1$P�(B, �$B?/F~<T$K$O%7%9%F%`@09g@-%A%'%C%/%W%m%0%i%`$d�(B
�$B%G!<%?%Y!<%9$r2~cb$9$k$3$H$,IT2DG=$K$J$j$^$9�(B.
�$B$$$C$?$s$3$N<j$N$b$N$r@_Dj$7$?$i�(B,
�$B$3$l$rDL>o$N%;%-%e%j%F%#4IM}:n6H$N0lIt$H$7$F<B9T$7�(B,
�$B2?$+JQ99$,$J$5$l$F$$$J$$$+%A%'%C%/$9$k$H$h$$$G$7$g$&�(B.
<P>�$BKhHU�(B �$B%U%m%C%T!<%G%#%9%/>e$N%A%'%C%/%W%m%0%i%`$r<B9T$7�(B,
�$BD+$K$=$N7k2L$r%a!<%k$GAw$k$h$&$K�(B <CODE>crontab</CODE> �$B$r@_Dj$9$k$3$H$b$G$-$^$9�(B.
�$B@_Dj$O0J2<$N$h$&$K$J$j$^$9�(B.
<BLOCKQUOTE><CODE>
<PRE>
# set mailto
MAILTO=kevin
# run Tripwire
15 05 * * * root /usr/local/adm/tcheck/tripwire
</PRE>
</CODE></BLOCKQUOTE>
�$B<B9T7k2L$O8aA0�(B 5 �$B;~�(B 15 �$BJ,$K%a!<%k$GAw$i$l$^$9�(B.
<P>�$B@09g@-%A%'%C%/%W%m%0%i%`$O�(B,
�$B$$$6$H$J$C$F$+$i5$$E$/$h$jA0$K?/F~<T$rH/8+$9$kE7$NG[:^$K$J$jF@$^$9�(B.
�$B0lHLE*$J%7%9%F%`$G$OB?$/$N%U%!%$%k$,JQ99$5$l$^$9$N$G�(B,
�$B%/%i%C%+!<$NF0$-$d�(B, �$B<+J,<+?H$,9T$C$?$3$H$KCm0U$7$F$$$J$/$F$O$J$j$^$;$s$+$i�(B.
<P><CODE>Tripwire</CODE> �$B$N%*!<%W%s%=!<%9$J%P!<%8%g%s$O�(B
<A HREF="http://www.tripwiresecurity.com">http://www.tripwiresecurity.com</A>�$B$K$"$j$^$9�(B. �$BL5NA$G$9�(B.
�$B%^%K%e%"%k$H%5%]!<%H$OM-NA$GF~<j$9$k$3$H$,$G$-$^$9�(B.
<P><CODE>Aide</CODE> �$B$O�(B
<A HREF="http://www.cs.tut.fi/~rammer/aide.html">http://www.cs.tut.fi/~rammer/aide.html</A> �$B$K$"$j$^$9�(B.
<P><CODE>Osiris</CODE> �$B$O�(B
<A HREF="http://www.shmoo.com/osiris/">http://www.shmoo.com/osiris/</A>
�$B$+$i$I$&$>�(B.
<P>
<H2><A NAME="ss5.4">5.4 �$B%H%m%$$NLZGO�(B</A>
</H2>
<P>�$B!V%H%m%$$NLZGO�(B (Trojan Horse)�$B!W$O%[%a!<%m%9$N%$!<%j%"%9$K=q$+$l$F$$$k�(B
�$BM-L>$J7WN,$KM3Mh$9$kL>A0$G$9�(B. �$B4pK\E*$J9M$(J}$O�(B,
�$BJXMx$=$&$J%W%m%0%i%`$d%P%$%J%j$rMQ0U$7$F$*$-�(B,
�$B$3$l$rB>?M$K%@%&%s%m!<%I$5$;$F�(B root �$B%f!<%6$H$7$F<B9T$5$;$k$H$$$&$b$N$G$9�(B.
�$B$3$l$K$h$C$F�(B, �$BAj<j$,5$$E$+$J$$$&$A$K%7%9%F%`$r0-MQ$9$k$3$H$,$G$-$^$9�(B.
�$B<j$KF~$l$?%P%$%J%j$,;E;v$r$7$F$$$k�(B (�$B$H$F$bLrN)$C$F$$$k$+$b$7$l$^$;$s�(B)
�$B$H;W$C$F$$$k4V$K�(B, �$B$3$N%P%$%J%j$,F1;~$K%;%-%e%j%F%#$bGK$C$F$7$^$&$N$G$9�(B.
<P>�$B$7$?$,$C$F�(B, �$B%^%7%s$K%W%m%0%i%`$r%$%s%9%H!<%k$9$k;~$K$OCm0U$,I,MW$G$9�(B.
Red Hat �$B$O�(B MD5 �$B%A%'%C%/%5%`$H�(B PGP �$B=pL>$r;\$7$?�(B RPM �$B%U%!%$%k$rDs6!$7�(B,
�$B%f!<%6$,K\J*$N%Q%C%1!<%8$rF~<j$7$F$$$k$N$+$I$&$+$r�(B
�$B%A%'%C%/$G$-$k$h$&$K$7$F$$$^$9�(B.
�$BB>$N%G%#%9%H%j%S%e!<%7%g%s$K$bF1MM$N;EAH$_$,$"$j$^$9�(B.
�$BAG@-$,CN$l$:�(B, �$B%=!<%9$bDs6!$5$l$F$$$J$$%P%$%J%j$r�(B
root �$B8"8B$G<B9T$7$F$O$$$1$^$;$s�(B!
�$BC/$b$,D4::$G$-$k$h$&$J%=!<%9%3!<%I$r8x3+$9$k967b<T$O$[$H$s$I$$$^$;$s�(B.
<P>�$B<j4V$O$+$+$k$+$b$7$l$^$;$s$,�(B,
�$B%W%m%0%i%`$N%=!<%9%3!<%I$O$=$N@5<0$N8x3+%5%$%H$+$iF~<j$9$k$Y$-$G$9�(B.
�$B%W%m%0%i%`$r�(B root �$B8"8B$G<B9T$9$k$J$i$P�(B,
�$B$"$J$?$+�(B, �$B$"$J$?$,?.Mj$7$F$$$k?M$,%=!<%9%3!<%I$r8+$F�(B, �$B8!::$9$Y$-$G$9�(B.
<P>
<H2><A NAME="password-security"></A> <A NAME="ss5.5">5.5 �$B%Q%9%o!<%I$N%;%-%e%j%F%#$H0E9f2=�(B </A>
</H2>
<P>�$B8=:_MQ$$$i$l$F$$$k%;%-%e%j%F%#5!G=$N$&$A:G$b=EMW$J$b$N$N$R$H$D$,�(B
�$B%Q%9%o!<%I$G$9�(B. �$B$"$J$?$H$"$J$?$N%^%7%s$N%f!<%6$NN>J}$,�(B,
�$B%Q%9%o!<%I$r0BA4$G?dB,$7$K$/$$$b$N$K$7$F$*$/$3$H$,Bg;v$G$9�(B.
�$B:G6a$N�(B Linux �$B%G%#%9%H%j%S%e!<%7%g%s$N$[$H$s$I$K$O�(B,
�$B4JC1$K?dB,$G$-$k%Q%9%o!<%I$O@_Dj$G$-$J$$$h$&$K$J$C$F$$$k�(B
<CODE>passwd</CODE> �$B%W%m%0%i%`$,F~$C$F$$$^$9�(B. <CODE>passwd</CODE>
�$B%W%m%0%i%`$,:G?7$N$b$N$G�(B,
�$B$3$N$h$&$J5!G=$r;}$C$F$$$k$+$I$&$+3N$+$a$F$*$-$^$7$g$&�(B.
<P>�$B0E9f2=$K$D$$$F$NFM$C9~$s$@5DO@$OK\=q$NHO0O$r1[$($F$7$^$$$^$9$,�(B,
�$BF~LgDxEY$J$i$PNI$$$G$7$g$&�(B. �$B0E9f2=$OBgJQJXMx$G$9$7�(B,
�$B$?$V$s:#F|$G$OI,?\$H$5$(8@$($k$G$7$g$&�(B.
�$BHs>o$KB?$/$N<oN`$N%G!<%?0E9f2=$NJ}K!$,$"$j$^$9$,�(B, �$B$=$l$>$l$,FCD'$r;}$C$F$$$^$9�(B.
<P>�$B$[$H$s$I$N�(B UNIX(Linux �$B$bNc30$G$O$"$j$^$;$s�(B)�$B$O�(B, DES (Data Encryption Standard)
�$B$H8F$P$l$kJRJ}8~$N0E9f2=%"%k%4%j%:%`$r<g$K;H$C$F%Q%9%o!<%I$r0E9f2=$7$F$$$^$9�(B.
�$B0E9f2=$5$l$?%Q%9%o!<%I$O�(B(�$BIaDL�(B)<CODE>/etc/passwd</CODE>
�$B$+�(B (�$B>/$70lHLE*$G$J$$$G$9$,�(B) <CODE>/etc/shadow</CODE> �$B$KJ]B8$5$l$^$9�(B.
�$B%f!<%6$,%m%0%$%s$7$h$&$H$9$k$H�(B, �$BF~NO$7$?%Q%9%o!<%I$O:F$S0E9f2=$5$l�(B,
�$B%Q%9%o!<%I$r3JG<$7$F$$$k%U%!%$%k$N3:Ev9`L\$HHf3S$5$l$^$9�(B.
�$B$3$l$i$,0lCW$9$l$P%Q%9%o!<%I$OF1$8$O$:$J$N$G�(B, �$B%m%0%$%s$,5v2D$5$l$^$9�(B.
DES �$B$OAPJ}8~$N0E9f2=%"%k%4%j%:%`�(B
(�$B@5$7$$%-!<$rM?$($l$P�(B, �$B0E9f2=$bI|9f2=$b$G$-$k�(B)�$B$J$N$G$9$,�(B,
�$B$[$H$s$I$N�(B UNIX �$B$,;H$C$F$$$k$N$O�(B DES �$B$N0l<o$GJRJ}8~$N%"%k%4%j%:%`$G$9�(B.
�$B$D$^$j�(B, <CODE>/etc/passwd</CODE> (�$B$^$?$O�(B <CODE>/etc/shadow</CODE>)
�$B$NFbMF$+$i%Q%9%o!<%I$rF@$k$?$a$K0E9f$r2rFI$9$k$3$H$OIT2DG=$J$O$:$G$9�(B.
<P>�$B%Q%9%o!<%I$,==J,$K%i%s%@%`$G$J$$>l9g�(B, "Crack" �$B$d�(B "John the Ripper"
(
<A HREF="#crack">crack</A>
�$B>O$r;2>H�(B)�$B$N$h$&$JNOG$$;$N967b$G$b%Q%9%o!<%I$r?dB,$G$-$^$9�(B.
PAM �$B%b%8%e!<%k�(B (�$B8e=R�(B) �$B$rMxMQ$9$l$P�(B,
�$BJL$N0E9f2=%k!<%A%s�(B (MD5 �$B$J$I�(B) �$B$r;HMQ$G$-$^$9�(B.
Crack �$B$K$bNI$$;H$$J}$,$"$j$^$9�(B.
�$B%Q%9%o!<%I%G!<%?%Y!<%9$KBP$7$FDj4|E*$K�(B Crack �$B$r<B9T$7�(B,
�$B0BA4$G$J$$%Q%9%o!<%I$r8+$D$1$k$N$G$9�(B.
�$B$=$7$FLdBj$N$"$k%f!<%6$HOC$r$7$F�(B, �$B%Q%9%o!<%I$rJQ$($k$h$&$K;XF3$7$^$9�(B.
<P>�$BNI$$%Q%9%o!<%I$N7h$aJ}$K4X$9$k>pJs$K$D$$$F$O�(B
<A HREF="http://consult.cern.ch/writeup/security/security_3.html">http://consult.cern.ch/writeup/security/security_3.html</A>
�$B$r;2>H$7$F$/$@$5$$�(B.
<P>
<H2><A NAME="ss5.6">5.6 PGP �$B5Z$S8x3+800E9f�(B</A>
</H2>
<P>PGP �$BEy$K;H$o$l$F$$$k8x3+800E9f$O�(B, �$B$"$k80$r0E9f2=$K;H$$�(B,
�$BJL$N80$rI|9f2=$K;H$&0E9f$G$9�(B.
�$B=>Mh$N0E9f$O�(B, �$B0E9f2=$HI|9f2=$KF1$880$r;H$C$F$$$^$7$?�(B.
�$B$3$N80$ODL?.$NN>B&$,CN$C$F$$$J$1$l$P$J$i$:�(B,
�$B2?$i$+$N0BA4$JJ}K!$GAj<j$KAw$i$J$1$l$P$J$j$^$;$s$G$7$?�(B.
<P>
<P>�$B0E9f$K;H$C$?80$r0BA4$KE>Aw$9$kI,MW@-$rL5$/$9$?$a�(B, �$B8x3+800E9f$G$O�(B
2 �$B$D$NJL!9$N80�(B(�$B8x3+80$HHkL)80�(B)�$B$rMQ$$$^$9�(B.
�$B3F<+$,;}$C$F$$$k8x3+80$OC/$G$b;H$&$3$H$,$G$-�(B, �$B0E9f2=$O$3$l$r;H$C$F9T$$$^$9�(B.
�$B0lJ}�(B, �$B3F<+$O<+J,$NHkL)80$r;}$C$F$*$j�(B,
�$B@5$7$$8x3+80$r;H$C$F0E9f2=$5$l$?%a%C%;!<%8$O$3$l$r;H$C$FI|9f2=$7$^$9�(B.
<P>�$B8x3+80$r;H$&0E9f$K$bHkL)80$r;H$&0E9f$K$bMxE@$O$"$j$^$9�(B.
�$B$3$l$i$N0c$$$K$D$$$F$O�(B, �$B$3$N%;%/%7%g%s$N:G8e$K<($9�(B
<A HREF="http://www.rsa.com/rsalabs/newfaq/">the RSA Cryptography FAQ</A>
�$B$K@bL@$,$"$j$^$9�(B.
<P>PGP (Pretty Good Privacy) �$B$O�(B Linux �$B$G$A$c$s$H%5%]!<%H$5$l$F$$$^$9�(B.
�$B%P!<%8%g%s�(B 2.62 �$B$H�(B 5.0 �$B$NF0:n$,3NG'$5$l$F$$$^$9�(B.
PGP �$B$X$NF~Lg$d;H$$J}$K$D$$$F$O�(B, PGP FAQ �$B$r8+$k$HNI$$$G$7$g$&�(B.
<A HREF="http://www.pgp.com/service/export/faq/55faq.cgi">http://www.pgp.com/service/export/faq/55faq.cgi</A><P>�$BI,$:�(B, �$B$"$J$?$N9q$GMxMQ$G$-$k%P!<%8%g%s$r;H$C$F$/$@$5$$�(B.
�$B$3$l$O%"%a%j%+9g=09q@/I\$K$h$kM"=P@)8B$N$?$a$G$"$j�(B,
�$B6/NO$J0E9f$rEE;RE*$K9q30$XE>Aw$9$k$3$H$,6X;_$5$l$F$$$k$+$i$G$9�(B.
<P>�$B8=:_$OM"=P$N4IM}$O�(B EAR(Export Administration Regulations)�$B$,9T$C$F$$$^$9�(B.
�$B$b$O$d�(B ITAR (�$BLuCm�(B: International Traffic in Arms Regulations �$B$NN,>N�(B)
�$B$G$O4IM}$5$l$F$$$^$;$s�(B.
<P>Linux �$B$G$N�(B PGP �$B$N@_Dj$K4X$9$k%9%F%C%W%P%$%9%F%C%W$N%,%$%I$b�(B
<A HREF="http://mercury.chem.pitt.edu/~angel/LinuxFocus/English/November1997/article7.html">http://mercury.chem.pitt.edu/~angel/LinuxFocus/English/November1997/article7.html</A>
�$B$K$"$j$^$9�(B. �$B$3$l$O�(B PGP �$B$N9q:]%P!<%8%g%sMQ$K=q$+$l$?$b$N$G$9$,�(B,
�$B%"%a%j%+9g=09q%P!<%8%g%s$K$b4JC1$KE,MQ$G$-$^$9�(B.
�$B:G?7%P!<%8%g%s$N�(B Linux �$B$N0lIt$G$O%Q%C%A$,I,MW$K$J$k$3$H$,$"$j$^$9�(B.
�$B$3$N%Q%C%A$O�(B
<A HREF="ftp://metalab.unc.edu/pub/Linux/apps/crypto">ftp://metalab.unc.edu/pub/Linux/apps/crypto</A> �$B$GF~<j$G$-$^$9�(B.
<P>PGP �$B$r%*!<%W%s%=!<%9$G%U%j!<$K<BAu$7D>$=$&$H$7$F$$$k%W%m%8%'%/%H$,$"$j$^$9�(B.
GnuPG �$B$O�(B PGP �$B$KCV$-49$($k$3$H$,$G$-$k�(B,
�$B4{$K40@.$7$F$$$k%U%j!<$J%W%m%0%i%`$G$9�(B.
GnuPG �$B$O�(B IDEA �$B$b�(B RSA �$B$b;H$C$F$$$J$$$N$G�(B, �$B@)8BL5$7$K;HMQ$9$k$3$H$,$G$-$^$9�(B.
GnuPG �$B$O�(B
<A HREF="http://core.ring.gr.jp/pub/doc/rfc/rfc2440.txt">OpenPGP</A> �$B$K$[$\=`5r$7$F$$$^$9�(B.
�$B>\$7$/$O�(B GNU Privacy Guard �$B$N�(B WWW �$B%Z!<%8�(B
(
<A HREF="http://www.gnupg.org/">http://www.gnupg.org/</A>)
�$B$r$4Mw$/$@$5$$�(B.
<P>�$BLuCm�(B (�$BN,8l$N0UL#�(B):
<UL>
<LI><B>IDEA</B>:
International Data Encryption Algorithm �$B$NN,�(B.
128 �$B%S%C%H$NHkL)80$rMQ$$$?0E9f%"%k%4%j%:%`$G�(B,
�$B%9%$%9$N�(B Ascom-Tech �$B<R$,FC5v8"$r;}$C$F$$$^$9�(B.</LI>
<LI><B>RSA</B>:
�$B8x3+80$rMQ$$$?0E9f2=�(B, �$BEE;R=pL>$K;H$o$l$F$$$k%"%k%4%j%:%`$G�(B,
�$BL>>N$O�(B 3 �$B?M$N3+H/<T�(B(Rivest, Shamir, Adleman)�$B$NF,J8;z$+$i$H$i$l$F$$$^$9�(B.
�$BJF9q$G$O�(B 1983 �$BG/$KFC5v$NG'2D$r<u$1$F$$$^$9�(B.</LI>
</UL>
<P>�$B0E9f$K4X$9$k>\$7$$>pJs$O�(B RSA cryptography FAQ �$B$K=q$+$l$F$$$^$9�(B.
�$B$3$l$O�(B
<A HREF="http://www.rsa.com/rsalabs/newfaq/">http://www.rsa.com/rsalabs/newfaq/</A> �$B$+$iF~<j$G$-$^$9�(B.
�$B$3$N%I%-%e%a%s%H$K$O�(B "Diffie-Hellman �$BK!�(B", "�$B8x3+800E9f�(B", "�$BEE;RG'>Z�(B"
�$B$H$$$C$?MQ8l$K4X$9$k>pJs$,:\$C$F$$$^$9�(B.
<P>�$BLuCm�(B: �$BF|K\8lLu$O�(B
<A HREF="http://www.rsa-japan.co.jp/faq/index.html">http://www.rsa-japan.co.jp/faq/index.html</A> �$B$K$"$j$^$9�(B.
<P>
<H2><A NAME="ss5.7">5.7 SSL, S-HTTP, HTTPS, S/MIME</A>
</H2>
<P>�$B%f!<%6$O3F<o%;%-%e%j%F%#$H0E9f2=%W%m%H%3%k$N0c$$$d�(B,
�$B$3$l$i$N;H$$J}$K$D$$$F$h$/<ALd$7$F$-$^$9�(B.
�$B$3$N%I%-%e%a%s%H$O0E9f2=$K4X$9$k$b$N$G$O$J$$$N$G$9$,�(B,
�$B3F%W%m%H%3%k$NFbMF$r4JC1$K@bL@$7�(B,
�$B>pJs$N$"$j$+$r>R2p$7$F$*$/$N$b0-$/$J$$$H;W$$$^$9�(B.
<UL>
<LI><B>SSL:</B> - SSL (�$B$"$k$$$O�(B Secure Sockets Layer)�$B$O�(B
Netscape �$B$,3+H/$7$?0E9f2=<jK!$G�(B, �$B%$%s%?!<%M%C%H>e$G%;%-%e%j%F%#$rDs6!$7$^$9�(B.
SSL �$B$O$$$/$D$+$N0[$J$k0E9f2=%W%m%H%3%k$H�(B
�$B%/%i%$%"%s%H$H%5!<%P$NG'>Z<jK!$rDs6!$7$^$9�(B.
SSL �$B$O%H%i%s%9%]!<%HAX$rA`:n$7�(B, �$B%G!<%?$N0BA4$J0E9f2=%A%c%M%k$r@8@.$9$k$N$G�(B,
�$B3F<o%G!<%?$r%7!<%`%l%9$K0E9f2=$9$k$3$H$,$G$-$^$9�(B.
SSL �$B$O�(B Communicator �$B$G0BA4$J%5%$%H$K9T$-�(B,
�$B0BA4$J%*%s%i%$%s%I%-%e%a%s%H$K%"%/%;%9$7$?;~$K8+$i$l$^$9�(B.
�$BB>$N$?$/$5$s$N�(B Netscape Communicator �$B$N%G!<%?0E9f2=$HF1MM$K�(B,
�$B$3$l$O�(B Communicator �$B$r;H$C$?0BA4$JDL?.$N4pK\ItJ,$H$7$FMQ0U$5$l$F$$$^$9�(B.
�$B>\$7$$>pJs$O�(B
<A HREF="http://www.consensus.com/security/ssl-talk-faq.html">http://www.consensus.com/security/ssl-talk-faq.html</A> �$B$K$"$j$^$9�(B.
Netscape �$B$NB>$N%;%-%e%j%F%#5!9=$N<BAu$H�(B,
�$B$3$l$i$N%W%m%H%3%k$N<j0z$-$K$D$$$F$O�(B,
<A HREF="http://home.netscape.com/info/security-doc.html">http://home.netscape.com/info/security-doc.html</A> �$B$GF~<j$G$-$^$9�(B.
<P>
</LI>
<LI><B>S-HTTP:</B> - S-HTTP �$B$O%$%s%?!<%M%C%H>e$G$N�(B
�$B0BA4$J%5!<%S%9$rDs6!$9$kJL$N%W%m%H%3%k$G$9�(B. �$B$3$N%W%m%H%3%k$O�(B,
�$B5!L)@-�(B (confidentiality), �$BG'>Z�(B (authentication), �$B40A4@-�(B (integrity),
�$BH]G'KI;_@-�(B [ �$BB>$NC/$+$H4V0c$&$3$H$,$"$jF@$J$$$3$H�(B]
�$B$rM?$($k$?$a$K@_7W$5$l$F$*$j�(B,
�$B$^$?�(B, �$B3F%H%i%s%6%/%7%g%s$K$*$1$kDL?.Aj<j$H$N%*%W%7%g%s$N�(B
�$B%M%4%7%(!<%7%g%s$rDL$8$F�(B, �$BJ#?t$N804IM}5!9=$H0E9f2=%"%k%4%j%:%`$r%5%]!<%H$7$^$9�(B.
S-HTTP �$B$O�(B, �$B$3$l$r<BAu$7$F$$$kFCDj$N%=%U%H%&%'%"$G$7$+;H$($^$;$s�(B. �$B$^$?�(B,
�$B$=$l$>$l$N%a%C%;!<%8$rFHN)$K0E9f2=$7$^$9�(B.
[ RSA Cryptography FAQ �$B$N�(B 138 �$B%Z!<%8$h$j�(B]
<P>
</LI>
<LI><B>S/MIME:</B> - S/MIME (�$B$9$J$o$A�(B Secure Multipurpose
Internet Mail Extension)�$B$O�(B,
�$B0E9f2=EE;R%a!<%k$d$=$NB>$N<oN`$N%$%s%?!<%M%C%H>e$N%a%C%;!<%8$G;H$o$l$k�(B
�$B0E9f2=$NI8=`$G$9�(B. �$B$3$l$O�(B RSA �$B$,3+H/$7$?%*!<%W%s$JI8=`$J$N$G�(B,
Linux �$BMQ$N$b$N$b$?$V$s6a$$$&$A$KEP>l$9$k$G$7$g$&�(B. S/MIME �$B$K4X$9$k>\$7$$>pJs$O�(B
<A HREF="http://home.netscape.com/assist/security/smime/overview.html">http://home.netscape.com/assist/security/smime/overview.html</A>
�$B$K$"$j$^$9�(B. </LI>
</UL>
<P>
<H2><A NAME="ss5.8">5.8 Linux �$B$K$*$1$k�(B IPSEC �$B$N<BAu�(B</A>
</H2>
<P>CIPE �$B$dB>$N7A<0$N%G!<%?0E9f2=$H$H$b$K�(B, Linux �$BMQ$N�(B IPSEC �$B$N<BAu$bJ#?t8D$"$j$^$9�(B.
IPSEC �$B$O�(B IETF �$B$,:n$C$?5,3J$G�(B, �$B0E9f2=$5$l$?0BA4$JDL?.7PO)$r�(B
IP �$B%M%C%H%o!<%/%l%Y%k$G:n$j�(B, �$B$^$?G'>Z�(B, �$B40A4@-�(B, �$B%"%/%;%9@)8f�(B,
�$B5!L)@-$bDs6!$7$^$9�(B. IPSEC �$B$N>pJs$H%$%s%?!<%M%C%H%I%i%U%H$O�(B
<A HREF="http://www.ietf.org/html.charters/ipsec-charter.html">http://www.ietf.org/html.charters/ipsec-charter.html</A> �$B$K$"$j$^$9�(B.
�$B804IM}$r4^$a$FB>$N%W%m%H%3%k$X$N%j%s%/�(B,
IPSEC �$B$N%a!<%j%s%0%j%9%H$d%"!<%+%$%V$b$"$j$^$9�(B.
<P>University of Arizona �$B$G3+H/$5$l$?�(B x-kernel Linux �$B$H$$$&<BAu$O�(B,
�$B%*%V%8%'%/%H%Y!<%9$N%U%l!<%`%o!<%/$r;H$C$F�(B
x-kernel �$B$H8F$P$l$k%M%C%H%o!<%/%W%m%H%3%k$r<BAu$7$F$$$^$9�(B. �$B$3$l$O�(B
<A HREF="http://www.cs.arizona.edu/xkernel/hpcc-blue/linux.html">http://www.cs.arizona.edu/xkernel/hpcc-blue/linux.html</A> �$B$K$"$j$^$9�(B.
�$BBg;(GD$K8@$&$H�(B, x-kernel �$B$O%+!<%M%k%l%Y%k$G$N%a%C%;!<%8%Q%C%7%s%0$N<jK!$G$"$j�(B,
�$B$3$l$K$h$j<BAu$,MF0W$K$J$C$F$$$^$9�(B.
<P>�$B$3$l$H$OJL$N%U%j!<$KMxMQ$G$-$k�(B IPSEC �$B$N<BAu$O�(B Linux FreeS/WAN IPSEC �$B$G$9�(B.
�$B$=$N�(B WWW �$B%Z!<%8$r0zMQ$9$k$H�(B
<BLOCKQUOTE>
�$B!V$3$l$i$N%5!<%S%9$rMQ$$$k$H�(B,
�$B?.Mj$G$-$J$$%M%C%H%o!<%/>e$K0BA4$J%H%s%M%k$r9=C[$9$k$3$H$,$G$-$^$9�(B.
�$B?.Mj$G$-$J$$%M%C%H%o!<%/$rDL$k%G!<%?$OA4$F�(B
IPSEC �$B%2!<%H%&%'%$%^%7%s$K$h$j0E9f2=$5$l�(B,
�$B$=$NH?BP$NC<$N%2!<%H%&%'%$$K$h$C$FI|9f2=$5$l$^$9�(B.
�$B$3$l$K$h$j2>A[%W%i%$%Y!<%H%M%C%H%o!<%/�(B (Virtual Private Network, VPN)
�$B$,$G$-$^$9�(B. �$B$3$l$O�(B,
�$B0BA4$G$J$$%$%s%?!<%M%C%H$G@\B3$5$l$?0[$J$kJ#?t$N%5%$%H$r4^$s$G$$$F$b�(B,
�$B<B<AE*$K%W%i%$%Y!<%H$J%M%C%H%o!<%/$G$9!W�(B
</BLOCKQUOTE>
�$B$H$N$3$H$G$9�(B.
<P>�$B$3$l$O�(B
<A HREF="http://www.xs4all.nl/~freeswan/">http://www.xs4all.nl/~freeswan/</A> �$B$GF~<j$9$k$3$H$,$G$-$^$9�(B.
�$B$3$N%I%-%e%a%s%H$N<9I.Cf$K$A$g$&$I%P!<%8%g%s�(B 1.0 �$B$K$J$j$^$7$?�(B.
�$BB>$N7A<0$N0E9f$HF1MM$KM"=P$,@)8B$5$l$F$$$k$?$a�(B,
�$B%G%U%)%k%H$G$O%+!<%M%k$H6&$KG[I[$5$l$F$$$^$;$s�(B.
<P>
<H2><A NAME="ssh"></A> <A NAME="ss5.9">5.9 <CODE>ssh</CODE> (Secure Shell) �$B$H�(B <CODE>stelnet</CODE></A>
</H2>
<P><CODE>ssh</CODE> �$B$H�(B <CODE>stelnet</CODE> �$B$O�(B,
�$B%j%b!<%H$N%7%9%F%`$K%m%0%$%s$7�(B,
�$B0E9f2=$5$l$?@\B3$r9T$&$?$a$N%W%m%0%i%`72$G$9�(B.
<P><CODE>openssh</CODE> �$B$O�(B <CODE>rlogin</CODE>, <CODE>rsh</CODE>, <CODE>rcp</CODE>
�$B$N0BA4$JBeMQIJ$H$7$F;H$o$l$k%W%m%0%i%`72$G$9�(B.
<CODE>ssh</CODE> �$B$O�(B 2 �$B$D$N%[%9%H4V$NDL?.$H%f!<%6G'>Z$r�(B
�$B8x3+800E9f$r;H$C$F0E9f2=$7$^$9�(B.
<CODE>ssh</CODE> �$B$r;H$&$H0BA4$K%j%b!<%H%[%9%H$K%m%0%$%s$7$?$j�(B,
�$B%[%9%H4V$G%G!<%?$r0BA4$K%3%T!<$7$?$j$9$k$3$H$,$G$-�(B,
�$B3d$j9~$_967b�(B(�$B%;%C%7%g%s$N%O%$%8%c%C%/�(B)�$B$d�(B DNS �$B:>>N$rKI$0$3$H$,$G$-$^$9�(B.
<CODE>ssh</CODE> �$B$O@\B3>e$G%G!<%?05=L$b9T$$�(B,
�$B%[%9%H4V$G$N0BA4$J�(B X11 �$B$NDL?.$b9T$$$^$9�(B.
<P>�$B$$$^$G$O�(B, ssh �$B$K$O2?<oN`$+$N<BAu$,$"$j$^$9�(B.
Data Fellows �$B<R$K$h$k%*%j%8%J%k$N>&MQ$N<BAu$O�(B
The <CODE>ssh</CODE> home page
<A HREF="http://www.datafellows.com">http://www.datafellows.com</A> �$B$K$"$j$^$9�(B.
<P>The excellent Openssh �$B$NAG@2$i$7$$<BAu$O�(B
Data Fellows �$B$N�(B ssh �$B$N=i4|$N%P!<%8%g%s$r85$K$7$D$D�(B,
�$BFC5v$K4X$o$kItJ,$d@jM-J*$,F~$i$J$/$J$k$h$&$K�(B
�$B40A4$K:n$jD>$5$l$^$7$?�(B. �$B%U%j!<$G�(B, BSD �$B%i%$%;%s%9$N85$K$"$j$^$9�(B.
<A HREF="http://www.openssh.com">http://www.openssh.com</A> �$B$K$"$j$^$9�(B.
<P>"psst..." �$B$H$$$&L>A0$N�(B, ssh �$B$r0l$+$i:F<BAu$7$h$&$H$$$&�(B
�$B%*!<%W%s%=!<%9$J%W%m%8%'%/%H$b$"$j$^$9�(B.
�$B>\$7$/$O�(B
<A HREF="http://www.net.lut.ac.uk/psst/">http://www.net.lut.ac.uk/psst/</A> �$B$r$4Mw$/$@$5$$�(B.
<P><CODE>ssh</CODE> �$B$r�(B Windows PC �$B$+$i�(B Linux �$B$N�(B <CODE>ssh</CODE>
�$B%5!<%P$KBP$7$F;H$&$3$H$b$G$-$^$9�(B.
Windows �$BMQ$N%/%i%$%"%s%H$N<BAu$O$$$/$D$+$"$j$^$9�(B. �$B$=$N�(B 1 �$B$D$O�(B
<A HREF="http://guardian.htu.tuwien.ac.at/therapy/ssh/">http://guardian.htu.tuwien.ac.at/therapy/ssh/</A> �$B$G$9$7�(B,
DataFellows �$B$K$h$k>&MQ$N<BAu$b�(B
<A HREF="http://www.datafellows.com">http://www.datafellows.com</A>
�$B$K$"$j$^$9�(B.
<P>SSLeay �$B$O�(B Netscape �$B$N�(B Secure Sockets Layer �$B%W%m%H%3%k$N%U%j!<$N<BAu$G$9�(B.
�$B$3$l$K$O�(B Secure telnet, Apache �$BMQ$N%b%8%e!<%k�(B,
�$B$$$/$D$+$N%G!<%?%Y!<%9Ey$N%"%W%j%1!<%7%g%s$,$$$/$D$+4^$^$l$F$*$j�(B,
DES, IDEA, Blowfish �$BEy$N%"%k%4%j%:%`$b$$$/$D$+4^$^$l$F$$$^$9�(B.
<P>�$B$3$N%i%$%V%i%j$r;H$C$F�(B, telnet �$B@\B3>e$N%G!<%?$r0E9f2=$9$k�(B
telnet �$B$N0BA4$JBeBX%W%m%0%i%`$,:n$i$l$^$7$?�(B.
SSH �$B$H0[$J$j�(B, stelnet �$B$O�(B Netscape �$B$,3+H/$7$?�(B
SSL (Secure Sockets Layer) �$B%W%m%H%3%k$r;H$$$^$9�(B.
Secure telnet �$B$H�(B Secure FTP �$B$O�(B SSLeay FAQ �$B$+$i$?$I$C$F8+$D$1$k$3$H$,$G$-$^$9�(B.
�$B$3$N�(B FAQ �$B$O�(B
<A HREF="http://www.psy.uq.oz.au/~ftp/Crypto/">http://www.psy.uq.oz.au/~ftp/Crypto/</A> �$B$K$"$j$^$9�(B.
<P>�$BLuCm�(B: �$BF|K\8lLu$,�(B
<A HREF="http://www.infoscience.co.jp/technical/crypto/ssleay_jp.html">http://www.infoscience.co.jp/technical/crypto/ssleay_jp.html</A>
�$B$K$"$j$^$9�(B.
<P>SRP �$B$OJL$N0BA4$J�(B telnet/ftp �$B$N<BAu$G$9�(B. �$B$=$N�(B WWW �$B%Z!<%8$r0zMQ$9$k$H�(B
<P>
<BLOCKQUOTE>
�$B!V�(BSRP �$B%W%m%8%'%/%H$O@$3&Cf$G%U%j!<$KMxMQ$G$-$k�(B
�$B0BA4$J%$%s%?!<%M%C%H%=%U%H%&%'%"$r3+H/$7$F$$$^$9�(B.
�$B40A4$K0BA4$J�(B telnet �$B$H�(B ftp �$B$NG[I[$r;O$a$H$7$F�(B, �$B2f!9$O<e$$%M%C%H%o!<%/G'>Z$r�(B,
�$B%;%-%e%j%F%#$N$?$a$K%f!<%6%$%s%?%U%'!<%9$r�(B
�$B5>@7$K$7$J$$6/NO$J$b$N$KCV$-49$($?$$$H9M$($F$$$^$9�(B.
�$B%;%-%e%j%F%#$,%*%W%7%g%s$J$s$F$H$s$G$b$J$$�(B!
�$B%;%-%e%j%F%#$O%G%U%)%k%H$G$J$1$l$P$J$j$^$;$s!W�(B
</BLOCKQUOTE>
�$B$H$N$3$H$G$9�(B.
<P>�$B>\$7$$>pJs$K$D$$$F$O�(B
<A HREF="http://srp.stanford.edu/srp">http://srp.stanford.edu/srp</A> �$B$r8+$F$/$@$5$$�(B.
<P>
<H2><A NAME="ss5.10">5.10 PAM - �$B8r492DG=$JG'>Z%b%8%e!<%k�(B</A>
</H2>
<P>�$B:G6a$N%P!<%8%g%s$N�(B Red Hat Linux �$B%G%#%9%H%j%S%e!<%7%g%s$G$O�(B,
"PAM" �$B$H8F$P$l$kE}0l$5$l$?G'>ZJ}K!$,;H$o$l$F$$$^$9�(B.
PAM �$B$r;H$&$H�(B, �$B%7%9%F%`$rF0:n$5$;$?$^$^$G�(B
�$BG'>Z$NJ}K!$dMW7o$rJQ99$9$k$3$H$H%m!<%+%k$NG'>ZJ}K!$r%+%W%;%k2=$9$k$3$H$,�(B
�$B2DG=$K$J$j$^$9�(B. �$B%P%$%J%j$O0l@Z:F%3%s%Q%$%k$9$kI,MW$,$"$j$^$;$s�(B.
PAM �$B$N@_Dj$OK\=q$NHO0O$r1[$($^$9$,�(B, �$BI,$:�(B PAM �$B$N%&%'%V%5%$%H$r8+$F�(B,
�$B>\$7$$>pJs$r8+$F$*$$$F$/$@$5$$�(B.
<A HREF="http://www.kernel.org/pub/linux/libs/pam/index.html">http://www.kernel.org/pub/linux/libs/pam/index.html</A><P>PAM �$B$G2DG=$K$J$k$3$H$r$[$s$N>/$7$@$1Ns5s$7$^$9�(B.
<P>
<UL>
<LI>�$B%Q%9%o!<%I$K�(B DES �$B0J30$N0E9f$rMQ$$$k�(B. (�$BNOG$$;$N2rFI$,Fq$7$/$J$j$^$9�(B)</LI>
<LI>�$B%5!<%S%9K832967b$r<B9T$G$-$J$/$9$k$?$a�(B, �$BA4$F$N%f!<%6$KBP$7$F%j%=!<%9�(B
(�$B%W%m%;%9?t�(B, �$B%a%b%j$NBg$-$5Ey�(B) �$B$N@)8B$r2C$($k�(B. </LI>
<LI>�$B%7%9%F%`$rF0:n$5$;$?$^$^�(B, �$B%7%c%I%&%Q%9%o!<%I�(B(�$B8e=R�(B)�$B$rMxMQ2DG=$K$9$k�(B.</LI>
<LI>�$BFCDj$N%f!<%6$K$D$$$F�(B, �$BFCDj$N2s?t$N$_�(B, �$BFCDj$N>l=j$+$i%m%0%$%s$r5v2D$9$k�(B.</LI>
</UL>
<P>�$B%7%9%F%`$N%$%s%9%H!<%k$H@_Dj$r9T$&?t;~4V$N4V$K�(B,
�$B<B:]$K967b$r<u$1$kA0$KB?$/$N967b$rM=KI$7$F$*$/$3$H$,$G$-$^$9�(B.
�$BNc$($P�(B PAM �$B$r;H$&$H�(B, �$B%[!<%`%G%#%l%/%H%j$N�(B
<CODE>.rhosts</CODE> �$B%U%!%$%k$N;HMQ$r%7%9%F%`A4BN$GL58z$K$9$k$3$H$,$G$-$^$9�(B.
�$B@_Dj$O�(B <CODE>/etc/pam.d/rlogin</CODE> �$B$K0J2<$N$h$&$J9T$rDI2C$7$^$9�(B:
<BLOCKQUOTE><CODE>
<PRE>
#
# Disable rsh/rlogin/rexec for users
#
login auth required pam_rhosts_auth.so no_rhosts
</PRE>
</CODE></BLOCKQUOTE>
<P>
<H2><A NAME="ss5.11">5.11 �$B0E9f$K$h$k�(B IP �$B$N%+%W%;%k2=�(B (Cryptographic IP Encapsulation, CIPE)</A>
</H2>
<P>�$B$3$N%=%U%H%&%'%"$N4pK\E*$JL\E*$O�(B,
�$B%$%s%?!<%M%C%H$N$h$&$J0BA4$G$J$$%Q%1%C%H%M%C%H%o!<%/$rDL$k0BA4$J�(B
(�$B%H%i%U%#%C%/2r@O�(B, �$B56%a%C%;!<%8:.F~$r4^$`EpD0$KBP$7$F�(B)
�$B%5%V%M%C%H%o!<%/4V@\B3$rDs6!$9$k$3$H$G$9�(B.
<P>CIPE �$B$O%G!<%?$r%M%C%H%o!<%/%l%Y%k$G0E9f2=$7$^$9�(B.
�$B$D$^$j�(B, �$B%M%C%H%o!<%/>e$N%[%9%H4V$rE>Aw$5$l$k%Q%1%C%H$,0E9f2=$5$l$^$9�(B.
�$B0E9f2=%(%s%8%s$O%Q%1%C%H$rAw<u?.$9$k%I%i%$%P$N6a$/$KG[CV$5$l$^$9�(B.
<P>CIPE �$B$O�(B, �$B@\B3$4$H$K%=%1%C%H%l%Y%k$G%G!<%?$r0E9f2=$9$k�(B SSH �$B$H$O0[$J$j$^$9�(B.
�$B0[$J$k%[%9%H>e$G<B9T$5$l$F$$$k%W%m%0%i%`4V$NO@M}E*$J@\B3$,0E9f2=$5$l$^$9�(B.
<P>CIPE �$B$O2>A[%W%i%$%Y!<%H%M%C%H%o!<%/�(B (Virtual Private Network) �$B$r9=C[$9$k$?$a$K�(B,
�$B%H%s%M%j%s%0$G;H$&$3$H$,$G$-$^$9�(B. �$BDc%l%Y%k$N0E9f2=$K$O�(B,
�$B%"%W%j%1!<%7%g%s%=%U%H%&%'%"$rJQ99$7$J$/$F$b�(B, VPN �$B$K@\B3$7$F$$$k�(B
2 �$B$D$N%M%C%H%o!<%/4V$GF)2aE*$KF0:n$5$;$k$3$H$,$G$-$k$H$$$&MxE@$,$"$j$^$9�(B.
<P>CIPE �$B$N%I%-%e%a%s%H$+$i$NMWLs$G$9�(B:
<P>
<BLOCKQUOTE>
IPSEC �$BI8=`$O�(B, �$B0E9f2=$5$l$?�(B VPN �$B$r9=C[$9$k$?$a�(B (�$BB>$K$b$"$j$^$9$,�(B)
�$B$K;H$&$3$H$,$G$-$k%W%m%H%3%k72$rDj5A$7$F$$$^$9�(B.
�$B$7$+$7�(B, IPSEC �$B$O%*%W%7%g%s$,$?$/$5$s$"$kHf3SE*=E$/$FJ#;($J%W%m%H%3%k72$G�(B,
�$B%W%m%H%3%k72$N40A4$J<BAu$O$^$@$[$H$s$I;H$o$l$F$*$i$:�(B,
�$B0lIt$NLdBj�(B (�$B804IM}$J$I�(B) �$B$O$^$@40A4$K$O2r7h$5$l$F$$$^$;$s�(B.
CIPE �$B$OHf3SE*4JC1$J%"%W%m!<%A$r<h$C$F$*$j�(B,
CIPE �$B$K$*$$$F%Q%i%a!<%?2=$G$-$k$3$H$NB?$/�(B
(�$B<B:]$K;H$&0E9f2=%"%k%4%j%:%`$NA*Br$J$I�(B)�$B$O�(B,
�$B%$%s%9%H!<%k;~$KA*Br$7$?$b$N$K8GDj$5$l$^$9�(B. �$B$3$l$O=@Fp$5$r@)8B$7$^$9$,�(B,
�$B<BAu$,4JC1$K�(B (�$B$7$?$,$C$F�(B, �$B8zN(E*$G%G%P%C%0$b$7$d$9$/�(B) �$B$J$j$^$9�(B.
</BLOCKQUOTE>
<P>�$B>\$7$$>pJs$O�(B
<A HREF="http://www.inka.de/~bigred/devel/cipe.html">http://www.inka.de/~bigred/devel/cipe.html</A> �$B$K$"$j$^$9�(B.
<P>�$BB>$N0E9f2=$HF1MM$NM"=P@)8B$N$?$a�(B, CIPE �$B$O%+!<%M%k$H0l=o$K$OG[I[$5$l$F$$$^$;$s�(B.
<P>
<P>
<H2><A NAME="ss5.12">5.12 Kerberos</A>
</H2>
<P>Kerberos �$B$O�(B MIT �$B$N�(B Athena Project �$B$G3+H/$5$l$?G'>Z%7%9%F%`$G$9�(B.
�$B%f!<%6$,%m%0%$%s$7$?;~�(B, Kerberos �$B$O�(B(�$B%Q%9%o!<%I$rMQ$$$F�(B)�$B%f!<%6$rG'>Z$7�(B,
�$B%M%C%H%o!<%/>e$KJ,;6$7$F$$$kB>$N%5!<%P$d%[%9%H$KBP$7$F�(B
�$B%f!<%6$N?HJ,$r>ZL@$9$k$?$a$NJ}K!$rDs6!$7$^$9�(B.
<P>�$B$=$l$+$i�(B, �$B$3$NG'>Z>pJs$O�(B <CODE>rlogin</CODE> �$B$N$h$&$J%W%m%0%i%`$,;H$$�(B,
�$B%f!<%6$,%Q%9%o!<%IL5$7$GB>$N%[%9%H$K%m%0%$%s$9$k$3$H$r5v2D$9$k$?$a$K;H$$$^$9�(B
(<CODE>.rhosts</CODE> �$B%U%!%$%k$NBe$o$j�(B). �$B$3$NG'>ZJ}K!$r%a!<%k%7%9%F%`$G;H$($P�(B,
�$B%a!<%k$,@5$7$$08@h$KG[C#$5$l$?$3$H$NJ]>Z$d�(B,
�$BAw?.<T$,<+J,$,L>>h$C$F$$$kDL$j$N%f!<%6$G$"$k$3$H$NJ]>Z$,9T$($^$9�(B.
<P>Kerberos �$B$*$h$S$3$l$KIUB0$7$F$$$k%W%m%0%i%`$O�(B,
�$B$"$k%f!<%6$,�(B,
�$B<+J,$rB>$N%f!<%6$G$"$k$H%7%9%F%`$K;W$o$;$k!V:>>N!W$r<B<AE*$KIT2DG=$K$7$^$9�(B.
Kerberos �$B$N%$%s%9%H!<%k$O;DG0$J$,$i%7%9%F%`$K?<$/N)$AF~$C$?$b$N$K$J$k$N$G�(B,
�$B4pK\E*$J%W%m%0%i%`$r$?$/$5$s=$@5$7$?$jF~$l49$($?$j$7$J$1$l$P$J$j$^$;$s�(B.
<P>Kerberos �$B$K4X$9$k>\$7$$>pJs$O�(B
<A HREF="http://www.cis.ohio-state.edu/hypertext/faq/usenet/kerberos-faq/general/faq.html">the kerberos FAQ</A> �$B$K$"$j�(B, �$B%3!<%I$O�(B
<A HREF="http://nii.isi.edu/info/kerberos/">http://nii.isi.edu/info/kerberos/</A> �$B$K$"$j$^$9�(B.
<P>[�$B;29M�(B: Stein, Jennifer G., Clifford Neuman, and Jeffrey L. Schiller.
"Kerberos: An Authentication Service for Open Network Systems." USENIX
Conference Proceedings, Dallas, Texas, Winter 1998.]
<P>Kerberos �$B$O%[%9%H$N%;%-%e%j%F%#8~>e$N$?$a$K<h$k$Y$-�(B
�$B:G=i$N%9%F%C%W$G$O$"$j$^$;$s�(B.
Kerberos �$B$OHs>o$KJ#;($G$9$7�(B, �$BNc$($P�(B SSH �$B$[$I;H$o$l$F$$$k$o$1$G$b$"$j$^$;$s�(B.
<P>
<H2><A NAME="ss5.13">5.13 �$B%7%c%I%&%Q%9%o!<%I�(B</A>
</H2>
<P>�$B%7%c%I%&%Q%9%o!<%I$O�(B, �$B0E9f2=$5$l$?%Q%9%o!<%I>pJs$r0lHL%f!<%6$+$i1#$9<jK!$G$9�(B.
Red Hat �$B$H�(B Debian �$B$NN>J}$H$b�(B, �$B:G6a$N%P!<%8%g%s$G$O�(B
�$B%G%U%)%k%H$G%7%c%I%&%Q%9%o!<%I$r;H$&$h$&$K$J$C$F$$$^$9$,�(B,
�$B$[$+$N%7%9%F%`$G$O�(B, �$B0E9f2=$5$l$?%Q%9%o!<%I$OIaDL�(B, �$BC/$G$bFI$a$k�(B
<CODE>/etc/passwd</CODE> �$B$K3JG<$5$l$F$$$^$9�(B.
�$B$7$?$,$C$F�(B, �$BC/$G$b%Q%9%o!<%I?dB,%W%m%0%i%`$r<B9T$7$F�(B
�$B%Q%9%o!<%I$r8+$D$1$h$&$H;n$_$k$3$H$,$G$-$^$9�(B.
�$B0lJ}%7%c%I%&%Q%9%o!<%I$G$O�(B, �$B$3$N>pJs$OFC8"%f!<%6$7$+FI$a$J$$�(B
<CODE>/etc/shadow</CODE> �$B%U%!%$%k$K3JG<$5$l$^$9�(B.
�$B%7%c%I%&%Q%9%o!<%I$rMxMQ$9$k$?$a$K$O�(B,
�$B%Q%9%o!<%I>pJs$X%"%/%;%9$9$kI,MW$,$"$k%f!<%F%#%j%F%#$r�(B
�$BA4$F%7%c%I%&%Q%9%o!<%IBP1~$K:F%3%s%Q%$%k$9$kI,MW$,$"$j$^$9�(B.
(�$B@h=R$N�(B) PAM �$B$r;H$C$F$$$l$P�(B, �$B%7%c%I%&%b%8%e!<%k$r;HMQ$9$k$@$1$G$h$/�(B,
�$B<B9T%U%!%$%k$r:F%3%s%Q%$%k$9$kI,MW$O$"$j$^$;$s�(B.
�$BI,MW$J$i$P�(B Shadow-Password HOWTO �$B$r;2>H$7$F>\$7$$>pJs$rD4$Y$F$/$@$5$$�(B.
�$B$3$N%I%-%e%a%s%H$O�(B
<A HREF="http://linuxdoc.org/HOWTO/Shadow-Password-HOWTO.html">http://linuxdoc.org/HOWTO/Shadow-Password-HOWTO.html</A>
�$B$K$"$j$^$9�(B. �$B$3$N%I%-%e%a%s%H$O8=:_$OB?>/8E$/$J$C$F$$$^$9$7�(B,
PAM �$B$r%5%]!<%H$7$F$$$k%G%#%9%H%j%S%e!<%7%g%s$G$O$?$V$sITMW$G$7$g$&�(B.
<P>�$BLuCm�(B: �$BOBLu$O�(B
<A HREF="http://www.linux.or.jp/JF/JFdocs/Shadow-Password-HOWTO.html">http://www.linux.or.jp/JF/JFdocs/Shadow-Password-HOWTO.html</A>
�$B$K$"$j$^$9�(B.
<P>
<H2><A NAME="crack"></A> <A NAME="ss5.14">5.14 "Crack" �$B$*$h$S�(B "John the Ripper"</A>
</H2>
<P>�$B?dB,$7$K$/$$%Q%9%o!<%I$r$D$1$k$3$H$r�(B <CODE>passwd</CODE>
�$B%W%m%0%i%`$K$*$$$F6/@)$9$k$3$H$,$G$-$J$$>l9g$O�(B,
�$B%Q%9%o!<%I$r%/%i%C%-%s%0$9$k%W%m%0%i%`$r<B9T$7�(B,
�$B%f!<%6$N%Q%9%o!<%I$,0BA4$+$I$&$+3NG'$9$k$H$h$$$G$7$g$&�(B.
<P>�$B%Q%9%o!<%I%/%i%C%/$N%W%m%0%i%`$O�(B, �$BC1=c$J9M$($K4p$E$$$FF0:n$7$^$9�(B.
�$B$D$^$j�(B, �$B<-=q$K:\$C$F$$$kC18l$H$3$l$i$NC18l$NJQ2=7A$r=g$K;n$9$N$G$9�(B.
�$B$=$l$>$l$r0E9f2=$7�(B, �$B0E9f2=$5$l$?%Q%9%o!<%IJ8;zNs$HHf$Y$^$9�(B.
�$B$3$l$i$,0lCW$9$l$P�(B, �$B%Q%9%o!<%I$,$o$+$j$^$9�(B.
<P>�$B$3$N$h$&$J%W%m%0%i%`$O$?$/$5$s$"$j$^$9$,�(B, �$B$=$NCf$G$b�(B "Crack" �$B$H�(B
"John the Ripper" (
<A HREF="http://www.false.com/security/john/index.html">http://www.false.com/security/john/index.html</A>) �$B$N�(B 2 �$B$D$,M-L>$G$9�(B.
�$B$3$l$i$O�(B CPU �$B%Q%o!<$rBgNL$K>CHq$7$^$9$,�(B, �$BM=$a$3$l$r<B9T$7$F$*$/$3$H$G�(B,
�$B967b<T$,$3$l$i$N%D!<%k$r;H$C$F?/F~$9$k$3$H$,$G$-$k$+$I$&$+CN$k$3$H$,$G$-�(B,
�$B@H<e$J%Q%9%o!<%I$r;H$C$F$$$k%f!<%6$KCm0U$9$k$3$H$,$G$-$^$9�(B.
�$B967b<T$O%Q%9%o!<%I%U%!%$%k�(B (UNIX �$B$G$O�(B <CODE>/etc/passwd</CODE>) �$B$rF~<j$9$k$?$a$K�(B,
�$B$^$:B>$N%;%-%e%j%F%#%[!<%k$rFM$+$J$1$l$P$J$j$^$;$s$,�(B,
�$B$=$l$OFI<T$N3'$5$s$,$,9M$($F$$$k$h$j$b$"$j$U$l$F$$$k$b$N$G$"$k$3$H$O�(B
�$BCN$C$F$*$$$F$/$@$5$$�(B.
<P>�$B:G$b<e$$%[%9%H$N6/$5$,A4BN$N%;%-%e%j%F%#$N6/$5$K$J$C$F$7$^$$$^$9�(B.
�$B$G$9$+$i�(B, �$B%M%C%H%o!<%/>e$K�(B Windows �$B%^%7%s$,$"$k>l9g$K$O�(B
L0phtCrack �$B$rD4$Y$k$Y$-$@$H$$$&$3$H$O8@5Z$7$F$*$/2ACM$,$"$k$G$7$g$&�(B.
�$B$3$l$O�(B Crack �$B$N�(B Windows �$BMQ$N<BAu$G$9�(B.
�$B$3$l$O�(B
<A HREF="http://www.l0pht.com">http://www.l0pht.com</A> �$B$GF~<j$G$-$^$9�(B.
<P>
<H2><A NAME="ss5.15">5.15 CFS (�$B0E9f2=%U%!%$%k%7%9%F%`�(B)�$B$H�(B TCFS (�$BF)2aE*0E9f2=%U%!%$%k%7%9%F%`�(B)</A>
</H2>
<P>CFS �$B$O%G%#%l%/%H%j%D%j!<A4BN$r0E9f2=$9$k<jK!$G�(B,
�$B$3$N%D%j!<$K0E9f2=$5$l$?%U%!%$%k$rCV$/$3$H$,$G$-$^$9�(B.
�$B$3$l$O%m!<%+%k%^%7%s>e$G�(B NFS �$B%5!<%P$rF0:n$5$;$^$9�(B.
RPM �$B$O�(B
<A HREF="http://www.zedz.net/redhat/">http://www.zedz.net/redhat/</A> �$B$GF~<j2DG=$G$"$j�(B,
�$BF0:n$K4X$9$k>pJs$O�(B
<A HREF="ftp://ftp.research.att.com/dist/mab/">ftp://ftp.research.att.com/dist/mab/</A> �$B$GF@$i$l$^$9�(B.
<P>TCFS �$B$O�(B CFS �$B$r2~NI$7$?$b$N$G�(B, �$B%U%!%$%k%7%9%F%`$H$NE}9g$r$h$j?J$a$?$b$N$G$9�(B.
�$B$7$?$,$C$F�(B, �$B%f!<%6$OF)2aE*$K0E9f2=%U%!%$%k%7%9%F%`$rMxMQ$9$k$3$H$,$G$-$^$9�(B.
�$B>\$7$$>pJs$O�(B
<A HREF="http://edu-gw.dia.unisa.it/tcfs/">http://edu-gw.dia.unisa.it/tcfs/</A> �$B$GF@$i$l$^$9�(B.
<P>TCFS �$B$OI,$:$7$b%U%!%$%k%7%9%F%`A4BN$G;H$&I,MW$O$"$j$^$;$s�(B.
�$B$3$l$b%G%#%l%/%H%j%D%j!<$G;HMQ$9$k$3$H$,$G$-$^$9�(B.
<P>
<H2><A NAME="ss5.16">5.16 X11, SVGA, �$B%G%#%9%W%l%$$K4X$9$k%;%-%e%j%F%#�(B</A>
</H2>
<P>
<H3>X11</H3>
<P>�$B%0%i%U%#%C%/%G%#%9%W%l%$$r0BA4$K$7$F$*$-�(B, �$B967b<T$,F~NO$7$?%Q%9%o!<%I$rC%$C$?$j�(B,
�$B2hLL$G8+$F$$$k%I%-%e%a%s%H$d>pJs$rFI$s$@$j�(B,
�$B%;%-%e%j%F%#%[!<%k$rFM$$$F�(B
root �$B8"8B$rC%$C$?$j$G$-$J$$$h$&$K$7$F$*$/$3$H$O=EMW$G$9�(B.
X �$B%"%W%j%1!<%7%g%s$r%M%C%H%o!<%/1[$7$K%j%b!<%H$GF0:n$5$;$k$3$H$b�(B,
�$B%j%b!<%H$N%7%9%F%`$H$N$d$j$H$j$rA4ItEpD0$5$l$F$7$^$&4m81$rH<$&$3$H$,$"$j$^$9�(B.
<P>X �$B$K$O%"%/%;%9@)8f5!9=$,$$$/$D$b$"$j$^$9�(B.
�$B$=$NCf$G:G$b4JC1$J$b$N$O%[%9%H$K4p$E$/$b$N$G$9�(B.
<CODE>xhost</CODE> �$B%3%^%s%I$rMQ$$$l$P�(B,
�$B%G%#%9%W%l%$$X$N%"%/%;%9$,5v2D$5$l$k%[%9%H$r;XDj$G$-$^$9�(B.
�$B$7$+$7�(B, �$B$3$N5!9=$OHs>o$K4m81$G$9�(B.
�$B%^%7%s$K%"%/%;%9$G$-$k?M$O�(B, <CODE>xhost +</CODE> �$B$r<B9T$7�(B,
�$BMF0W$K?/F~$9$k$3$H$,$G$-$^$9�(B.
�$B$b$7�(B, �$B?.Mj$G$-$J$$%[%9%H$+$i$N%"%/%;%9$r5v2D$7$J$1$l$P$J$i$J$$>l9g$K$O�(B,
�$B$=$N%[%9%H$K%m%0%$%s$7$F$$$k%f!<%6$O�(B
�$BC/$G$b%G%#%9%W%l%$$KIT@5%"%/%;%9$9$k$3$H$,$G$-$^$9�(B.
<P>�$B%m%0%$%s$N$?$a$K�(B <CODE>xdm</CODE> (X �$B%G%#%9%W%l%$%^%M!<%8%c�(B) �$B$r;H$C$F$$$k>l9g�(B,
�$B$:$C$HNI$$%"%/%;%9J}K!$G$"$k�(B MIT-MAGIC-COOKIE-1 �$B$r;H$$$^$7$g$&�(B.
�$B$3$N5!9=$O�(B 128�$B%S%C%HD9$N!V%/%C%-!<!W$r@8@.$7$F�(B,
�$B%f!<%6$N%[!<%`%G%#%l%/%H%j$N�(B <CODE>.Xauthority</CODE> �$B%U%!%$%k$K3JG<$7$^$9�(B.
�$B%j%b!<%H$N%^%7%s$K%G%#%9%W%l%$$X$N%"%/%;%9$r5v2D$9$k$K$O�(B,
<CODE>xauth</CODE> �$B%3%^%s%I$H�(B <CODE>.Xauthority</CODE> �$B%U%!%$%kFb$N>pJs$r;H$C$F�(B,
�$B$=$N@\B3$@$1$r5v2D$9$k$h$&$K$7$^$9�(B.
Remote-X-Apps mini-howto �$B$r$4Mw$/$@$5$$�(B. �$B$3$l$O�(B
<A HREF="http://linuxdoc.org/HOWTO/mini/Remote-X-Apps.html">http://linuxdoc.org/HOWTO/mini/Remote-X-Apps.html</A>
�$B$GF~<j$G$-$^$9�(B.
<P>�$BLuCm�(B:
<A HREF="http://www.linux.or.jp/JF/JFdocs/Remote-X-Apps.html">Remote-X-Apps �$B$NOBLu�(B</A> �$B$,$"$j$^$9�(B.
<P>X �$B$N@\B3$r0BA4$K9T$&$?$a$K�(B <CODE>ssh</CODE>
(�$BA0=R$N�(B
<A HREF="#ssh">ssh</A>
�$B$N9`$r;2>H$N$3$H�(B) �$B$r;H$&$3$H$b$G$-$^$9�(B.
<CODE>ssh</CODE> �$B$K$O�(B, �$B%f!<%6$,F)2aE*$K07$&$3$H$,$G$-$k�(B,
�$B$*$h$S%M%C%H%o!<%/>e$K0E9f2=$5$l$F$$$J$$%G!<%?$,N.$l$J$$�(B,
�$B$H$$$&�(B 2 �$B$D$NMxE@$,$"$j$^$9�(B.
<P>X �$B$N%;%-%e%j%F%#$K$D$$$F$N>\$7$$>pJs$K$D$$$F$O�(B, �$B%*%s%i%$%s%^%K%e%"%k$N�(B
<CODE>Xsecurity</CODE> �$B$r;2>H$7$F$/$@$5$$�(B. �$B0BA4$J:v$H$7$F$O�(B,
�$B%3%s%=!<%k$K%m%0%$%s$9$k$H$-$K$O�(B <CODE>xdm</CODE> �$B$r;H$$�(B,
�$B%j%b!<%H$N%5%$%H$G�(B X �$B$N%W%m%0%i%`$r<B9T$7$?$$$H$-$O�(B
<CODE>ssh</CODE> �$B$r;H$&$3$H$G$9�(B.
<P>
<H3>SVGA </H3>
<P>SVGAlib �$B$r;H$&%W%m%0%i%`$O%S%G%*4X78$N%O!<%I%&%'%"$rA`:n$9$k$?$a�(B,
�$BIaDL$O�(B root �$B$K�(B setuid �$B$5$l$^$9�(B. �$B$3$l$OHs>o$K4m81$G$9�(B.
�$B%W%m%0%i%`$,%/%i%C%7%e$7$?>l9g�(B,
�$BIaDL$O%3%s%=!<%k$r85$KLa$9$?$a%^%7%s$r:F5/F0$7$J$/$F$O$J$i$J$/$J$C$F$7$^$$$^$9�(B.
�$B$3$N$h$&$J%W%m%0%i%`$K$D$$$F$O�(B, �$B3N<B$K?.Mj$G$-$k$3$H�(B,
�$B$"$k$$$O>/$J$/$H$b>/$7$O?.MQ$G$-$k$3$H$r3N$+$a$F$/$@$5$$�(B.
�$B$G$-$l$P�(B, �$B$=$b$=$b;H$o$J$$$N$,NI$$$G$7$g$&�(B.
<P>
<H3>GGI (Generic Graphics Interface project)</H3>
<P>Linux GGI �$B%W%m%8%'%/%H$O�(B Linux �$B$N%S%G%*%$%s%?%U%'!<%9$NLdBj$K$D$$$F�(B
�$B$R$H$D$N2r$rDs0F$7$h$&$H$9$k;n$_$G$9�(B.
GGI �$B$G$O�(B Linux �$B$N%+!<%M%kFb$K>/$7%S%G%*4X78$N%3!<%I$rF~$l�(B,
�$B$=$&$7$F%S%G%*$X%"%/%;%9$7$^$9�(B.
�$B$D$^$j�(B, GGI �$B$r;H$($P$$$D$G$b%3%s%=!<%k$r@5>o$J>uBV$KLa$9$3$H$,$G$-$^$9�(B.
�$B$^$?�(B, secure attention key �$B$r;H$&$3$H$,$G$-�(B,
�$B%3%s%=!<%k$G%H%m%$$NLZGO$,F~$C$?�(B
<CODE>login</CODE> �$B%W%m%0%i%`$r;H$o$l$k$N$rKI$2$^$9�(B.
<A HREF="http://synergy.caltech.edu/~ggi/">http://synergy.caltech.edu/~ggi/</A>
<P>
<HR>
<A HREF="Security-HOWTO-6.html">�$B<!$N%Z!<%8�(B</A>
<A HREF="Security-HOWTO-4.html">�$BA0$N%Z!<%8�(B</A>
<A HREF="Security-HOWTO.html#toc5">�$BL\<!$X�(B</A>
</BODY>
</HTML>
