Unix Security & groups configuration...
Posted on 1998-08-24
We are running Solaris 2.5.1 on E3000 & Sparc 4/5's.
We also have 2 NT 4.0 servers and a Novell 3.12 server.
We are implementing a private WAN over our countrywide branch network using our Telephone/Internet service provider.
Our 8 branches have a Sparc4 or 5 running Solaris 2.5.1 on Ethernet LANs. Our application is client/server. On the server side (Solaris 2.5.1) we have Informix OWS 7.2.UC2 and MicroFocus Cobol 4.0. On the client side we have Win95b and APS generated DLLs.
Our telephone service provider is saying that the PVC will be secure but I don't think that is absolutely true.
We want to protect our clients' data from outsiders, primarily.
We are located in Belize, Central America.
What security & encryption functions can I enable from Solaris, for example Kerberos & DES? I recall trying to set up DES encryption on a Sparc20 a few years ago, but it got messy and I could not access the root account again. I had to reinstall the machine.
How can I find out what security & encryption tools are installed or available on the Solaris OS?
I'm having some problems with Unix groups: even with group permissions set, users in the same group cannot overwrite files from other users in the same group. This is needed because the group is for developers who frequently recompile executables, etc.
The only way that a user can overwrite another user's file in the same group is if the permissions are set to 777. I tried setting the umask to 000 but that only results in 666.
It's really weird why the permissions don't appear to be working the way they should.
I also would appreciate some comments or suggestions about this problem.
Thanks in advance for your help!
By the way, this posting is also feedback from a previous posting about Unix security.
Why is it a good idea to create a group for each user?
Then how will you handle users who need to share files?
Can soft links be used to share files and directories between groups of users?
Thanks again for your time!