One , Status of the problem

The company usually produces hundreds of servers , Even thousands, tens of thousands , There are many operators ( development + Operation and maintenance + framework +DBA). Use it Linux Server time , The level of employees with different functions is different , The familiarity of experienced and novice employees is different , If the authority control is improper ( as root Authority overflow ), There are great hidden dangers in the security of the server . to this end , The operation and maintenance personnel generally have a set of system user and authority standard specification .

Two , standard specification

The super user password is in the hands of a few or only administrators , You also want multiple system administrators or personnel with relevant permissions , Be able to complete more complex work related to their own functions , It will not lead to system security risks due to ultra vires operation .

Minimum principle

* 1, Minimize installation software .
* 2, Minimize directory file permissions .
* 3, Minimize user rights .
* 4, Minimize program permissions
Three , Normative cases

1,root【 System highest authority user 】 Have all rights , User maintenance level .
2,work【 Online business service users 】 Have relevant service control management authority and part of the system authority .
3,user【 Normal user rights 】 Used to log in to the server to view the business log , Configure and run some simple scripts , Right to read , No right to manipulate and manage online business services and system configuration .
4,read readonly account number , Read only after logging on to the server , No write permission .
5,dia【 Dedicated users of log data collection 】 Dedicated users of online business service log data collection , Only have the right to read business service log and run log to grab relevant programs or scripts .

Technology
©2019-2020 Toolsou All rights reserved,
QQ Login interface implementation code implementation mysql Addition, deletion, modification and query of database JAVA Experiment 4 set and functional programming experiment about String How to create objects VHDL——4 choose 1 Data selector C language ( Guess numbers games ) Blue Bridge Cup MCU advanced module --NE555 I don't memorize eight part essays , You go to the interview ? Hill sorting of sorting algorithm ——c++ realization python What does built-in function mean _python What are the built-in functions