1 2 3 4 5 6 | # fpm -l medium -p chmod 0555 /sbin/helpers/jfs2/backbyinode chmod 0550 /sbin/helpers/jfs2/diskusg chmod 0555 /sbin/helpers/jfs2/restbyinode .. .. |
1 2 3 | # fpm -l medium .. .. |
1 2 | # ls -l /usr/sbin/chdev -r-xr-x--- 1 root system 27496 Mar 22 2011 /usr/sbin/chdev |
1 2 | # fpm -s Medium level security. |
1 | <suid octal permission to restore> < full path/file-name> <current octal permission> |
1 2 3 4 5 6 7 | # cat 12062011_17:48:35 4550 /usr/sbin/cfgmgr 0550 4550 /usr/sbin/chcod 0550 4550 /usr/sbin/chcons 0550 4550 /usr/sbin/chdev 0550 … … |
1 | # fpm -l default -f /var/security/fpm/log/12062011_17:48:35 |
1 2 | # ls -l /usr/sbin/chdev -r-sr-x--- 1 root system 27496 Mar 22 2011 /usr/sbin/chdev |
1 2 | # fpm -s Customized level security. |
1 | # fpm -l default |
1 2 | # fpm -s Default level security. |
1 | <suid octal permission to restore> < full path/file-name> |
1 2 3 4 5 6 | # pwd /usr/lib/security/fpm/custom/default # cat mydefaults 4550 /usr/local/bin/grab_db2_audit 4550 /usr/local/bin/load_extract |
1 2 3 4 5 6 | # fpm -l default … ... chmod 4550 /usr/sbin/invscoutd chmod 4550 /usr/local/bin/grab_db2_audit chmod 4550 /usr/local/bin/load_extract |
1 | < full path /file-name> |
1 2 3 4 5 6 | # pwd /usr/lib/security/fpm/custom/med # cat mydefaults2 /usr/local/bin/load_extract /usr/local/bin/grab_db2_audit |
1 2 3 4 5 6 7 | # pwd /usr/local/bin # ls -lt |head total 9512 -r-sr-x--- 1 root app1 30681 Dec 05 22:17 load_extract -r-sr-x--- 1 aixdev app1 52697 Dec 05 18:08 grab_db2_audit |
1 2 3 4 5 6 7 8 | # fpm -l medium # fpm -s Medium level security. # ls -lt |head total 9512 -r-xr-x--- 1 root app1 30681 Dec 05 22:17 load_extract -r-xr-x--- 1 aixdev app1 52697 Dec 05 18:08 grab_db2_audit |
1 2 3 4 5 6 7 8 9 10 11 12 | # aclget load_extract * * ACL_type AIXC * attributes: SUID base permissions owner(root): r-x group(app1): r-x others: --- extended permissions enabled deny r-x u:alpha |
1 2 3 | # ls -lUt |head total 9512 -r-sr-x---+ 1 root app1 30681 Dec 05 22:17 load_extract |
1 2 3 4 5 6 | # fpm -l medium # fpm -s Medium level security. # ls -lUt |head -r-xr-x--- 1 root app1 30681 Dec 05 22:17 load_extract |
1 2 3 4 5 6 7 8 9 10 11 12 | # aclget load_extract * * ACL_type AIXC * attributes: base permissions owner(root): r-x group(app1): r-x others: --- extended permissions disabled deny r-x u:alpha |
欢迎光临 电子技术论坛_中国专业的电子工程师学习交流社区-中电网技术论坛 (http://bbs.eccn.com/) | Powered by Discuz! 7.0.0 |