One , Status of the problem

The company usually produces hundreds of servers , Even thousands, tens of thousands , There are many operators ( development + Operation and maintenance + framework +DBA). Use it Linux Server time , The level of employees with different functions is different , The familiarity of experienced and novice employees is different , If the authority control is improper ( as root Authority overflow ), There are great hidden dangers in the security of the server . to this end , The operation and maintenance personnel generally have a set of system user and authority standard specification .

Two , standard specification

The super user password is in the hands of a few or only administrators , You also want multiple system administrators or personnel with relevant permissions , Be able to complete more complex work related to their own functions , It will not lead to system security risks due to ultra vires operation .

Minimum principle

* 1, Minimize installation software .
* 2, Minimize directory file permissions .
* 3, Minimize user rights .
* 4, Minimize program permissions
Three , Normative cases

1,root【 System highest authority user 】 Have all rights , User maintenance level .
2,work【 Online business service users 】 Have relevant service control management authority and part of the system authority .
3,user【 Normal user rights 】 Used to log in to the server to view the business log , Configure and run some simple scripts , Right to read , No right to manipulate and manage online business services and system configuration .
4,read readonly account number , Read only after logging on to the server , No write permission .
5,dia【 Dedicated users of log data collection 】 Dedicated users of online business service log data collection , Only have the right to read business service log and run log to grab relevant programs or scripts .

©2019-2020 Toolsou All rights reserved,
One is called “ Asking for the train ” A small village Finally got the train Spring Boot Lesson 16 :SpringBoot Implementation of multithreading with injection class Chrome OS, For programmers and Windows What does it mean ? Internet Marketing JAVA Convert a string to a numeric type I've been drinking soft water for three years ? What is the use of soft water and water softener You don't know ——HarmonyOS Talking about uni-app Page value transfer problem JavaScript Medium Call and ApplySparkSQL Achieve partition overlay write Character recognition technology of vehicle license plate based on Neural Network