Tag: authorization

“Don’t share your passwords with anyone!” We say it repeatedly in Learning Tree’s System and Network Security Introduction, and I’m sure I’ve said it on this blog more than once. It’s bad practice; it leads to potential insecurity, and it means systems aren’t able to properly account for use. Sharing passwords is also illegal in some […]

Last week I was explaining the important distinction between authentication and authorization, and how Linux  handles them in PAM and polkit, respectively. The PolicyKit Authentication Framework or polkit controls how subjects or unprivileged programs (such as a user’s shell) can be allowed to run mechanisms or privileged programs (such as normally root-only programs like mount […]

I started out working to prevent something that the manual pages said should already be impossible, and ended up exploring what was to me a whole new area of Linux security. Join me in my exploration. Don’t Let The Users Flip The Switch According to the manual pages for halt, poweroff, shutdown, and reboot, only […]