Access Control Mechanisms in Linux
By taking this course you will thoroughly learn the methods used in Linux to control access to resources, from simple file modes through to AppArmor, with filesystem based and Network Server based ACLS in between.
What you'll learn
Being able to control resource access is one of the most fundamental security features of any operating system. In this course, Access Control Mechanisms in Linux, you will learn the foundation knowledge required for the different methods used in Linux. First, you will start, initially, with the basic file mode and special permissions to ensure that nothing has escaped you. Next, you will look at both local ACLs and network-based ACLS. By this, it implies you will learn to the manage POSIX ACLs in the local filesystem, NFSv4 ACLs working with Network File Servers, and CIFS ACLs with SAMBA Servers. Moving on, you will discover how to implement Kerberos-based authentication to NFS Exports. Finally, this course introduces you to Mandatory ACLs in the form of AppArmor. By the end of this course, you will have gained the required knowledge to secure your Linux system using ACLs.
Table of contents
- Working with the File Mode 8m
- Displaying Permissions and Metadata from the CLI 3m
- Working with the File Umask and Setting Permissions 8m
- Understanding Special Permissions and How They Are Used 8m
- Setting Special Permissions on Files and Directories 10m
- Understanding File Tests in Linux 5m
- Summary and What's Next 3m
- File Share Security 4m
- Using Pseudo-root Filesystems 4m
- Setting the NFS Domain Name 7m
- Deny Access to Users 4m
- Setting Inheritance in NFS Permissions 7m
- Understanding How to Enhance Security with Kerberos 6m
- Kerberos Authentication within NFS 9m
- Installing Samba 8m
- Name Mapping and ACLs in CIFS 6m
- Summary and What's Next 2m
About the author
Andrew is an all around Linux professional with in depth knowledge of the OS and this is supported with scripting in bash, perl, python and ruby and application development in C, C++ and Java. Having worked for many years in training, Andrew has developed automated course build systems after endless time wasted on Friday nights. The first build system he built was aptly named "Friday nights." This has inspired his interest in all things deployment related. He has authored training courses on M... more