Merge pull request #17 from SCAR-iT-COLO/12-sanitize-chapter-5

Sanitize Chapter 5
2024-09-05 17:17:20 -06:00 · 2024-09-05 17:17:20 -06:00 · 8cebf78356
commit 8cebf78356
parent 7852c036bc 6557698228
3 changed files with 25 additions and 50 deletions
--- a/Ownership/The
+++ b/Ownership/The
@ -12,17 +12,16 @@ Sudo operates on the principle of least privilege, allowing users to run specifi

 The basic syntax for sudo is:

-```
-sudo [options] command
-```
+`sudo [options] command`

 ### Common Options

- `-u` username: Run the command as a user other than root
- `-i:` Simulate initial login (shell)
- `-s:` Run the specified shell
- `-l:` List the allowed commands for the current user
- `-v:` Validate and update the user's timestamp without running a command
+- `-u`: username: Run the command as a user other than root
+- `-i`: Simulate initial login (shell)
+- `-s`: Run the specified shell
+- `-l`: List the allowed commands for the current user
+- `-v`: Validate and update the user's timestamp without running a command
+- `-E`: Preserve the current "E"nvironment

 ## Configuration

@ -30,9 +29,7 @@ Sudo's behavior is controlled by the /etc/sudoers file. This file defines who ca

 >**To edit the sudoers file:**

-```
-sudo visudo
-```
+`sudo visudo`

 ## Basic sudoers File Structure

@ -44,35 +41,25 @@ root    ALL=(ALL:ALL) ALL
 %sudo   ALL=(ALL:ALL) ALL

 # Allow specific user to run specific commands without a password
-username ALL=(ALL) NOPASSWD: /path/to/command1, /path/to/command2
+#username ALL=(ALL) NOPASSWD: /path/to/command1, /path/to/command2 #remove comment at beginning of line
 ```

 ### Usage Examples

 - Run a command as root:
-```
-sudo apt update
-```
+`sudo apt update`

 - Edit a system file:
-```
-sudo nano /etc/hosts
-```
+`sudo nano /etc/hosts`

 - Switch to root user:
-```
-sudo -i
-```
+`sudo -i`

 - Run a command as another user:
-```
-sudo -u username command
-```
+`sudo -u username command`

 - List allowed commands:
-```
-sudo -l
-```
+`sudo -l`

 ### Sudo vs. Su

@ -103,8 +90,4 @@ While both sudo and su can be used to gain root privileges, sudo is generally pr

 - Forgotten sudo password: Boot into recovery mode to reset the password

- Syntax errors in sudoers: Use visudo to edit and check for errors
-
-# Conclusion
-
-The sudo command is a powerful tool for managing privileges in Linux systems. By understanding its configuration and usage, system administrators can maintain a secure environment while still allowing users to perform necessary tasks with elevated permissions.
+- Syntax errors in sudoers: Use visudo to edit and check for errors
--- a/Ownership/Understanding
+++ b/Ownership/Understanding
@ -1,4 +1,4 @@
-# File Permissions in Linux: A Comprehensive Guide
+# Understanding File Permissions in Linux

 ## 1. Introduction to File Permissions

@ -23,15 +23,13 @@ There are three types of users:

 To view file permissions, use the `ls -l` command. The output will look like this:

-```
-rwxrw-r-- 1 user group 4096 Jul 22 10:00 example.txt
-```
+`-rwxrw-r-- 1 user group 4096 Jul 22 10:00 example.txt`

 Let's break down this information:
 - First character: File type (- for regular file, d for directory)
 - Next 9 characters: Permissions for owner, group, and others
- User and group names
- File size
+- User name and group names
+- File size in bytes
 - Last modification date and time
 - File name

@ -66,9 +64,7 @@ The sum of these values for each user category represents the permissions:
 ### Using chmod with Symbolic Notation
 The `chmod` command is used to change file permissions. The basic syntax is:

-```
-chmod [who][operation][permissions] filename
-```
+`chmod [who][operation][permissions] filename`

 - Who: u (user/owner), g (group), o (others), a (all)
 - Operation: + (add), - (remove), = (set exactly)
@ -144,8 +140,4 @@ Example:
 - Always use the principle of least privilege
 - Regularly audit file permissions
 - Be cautious when using recursive permission changes
- Understand the implications of SetUID and SetGID bits
-
-## 11. Conclusion
-
-Understanding Linux file permissions is crucial for maintaining system security and proper access control. By mastering these concepts and commands, you can effectively manage file access and protect sensitive data on your Linux systems.
+- Understand the implications of SetUID and SetGID bits
--- a/Ownership/Understanding
+++ b/Ownership/Understanding
@ -29,12 +29,12 @@ In Linux, every user and group is assigned a unique numerical identifier. For us
 - GID 65534 (nogroup): Often used for unprivileged processes.

 ## 6. Viewing and modifying UIDs and GIDs:
- View current user and group: id command
+- View current user and group: `id $USER`
 - View all users: cat /etc/passwd
 - View all groups: cat /etc/group
- Change a user's UID: usermod -u NEW_UID USERNAME
- Change a group's GID: groupmod -g NEW_GID GROUPNAME
- Add a user to a group: usermod -aG GROUPNAME USERNAME
+- Change a user's UID: `sudo usermod -u NEW_UID USERNAME`
+- Change a group's GID: `sudo groupmod -g NEW_GID GROUPNAME`
+- Add a user to a group: `sudo usermod -aG GROUPNAME USERNAME`

 ## 7. UIDs, GIDs, and file permissions:
 - Each file and directory in Linux has an owner (UID) and a group (GID).