AdvLinux for i486SX Manual
14
5. System safety and optimization
5.1. Responsibility of system safety management
The system safety is greatly relative to the manager. The manager’s
responsibility includes four aspects:
(1) Prevent unauthorized access: This is the most important issue about
the safety. To avoid unauthorized access, the key steps include
password management, record and report about logging in activities,
periodical check for user network activities.
(2) Anti-telling: Avoid the authorized and unauthorized user’s access
important information of each other. The measures for anti-telling
include encrypting, file system check, su logging in and report.
(3) The system manager can examine the system periodically by ps, df and
du commands, deal with the processes and files that overuse the system
resource.
(4) Keep the system integrality. Periodically backup the file system,
Perform the fsck command to check system breakdown, restore the file
system, etc.
5.2. Password
The update realizes the function of auto login. If users select
“manually install” during the installation, the installation program
will ask them to select whether to set the password of root user. If users
choose not to set the root user’s password, the system will
automatically login as root user for each boot after system installation.
The following are rules for selecting effective and safe passwords.
(1) The password should best be composed by 6 characters with at least
one number or special character.
(2) The password must not be the name, telephone number or other personal
information.
(3) The password must be used for a period of validity only. It should
be changed after a period of time.
After the Linux is installed, the minimum number of password character
is 5 by default or compulsively set to greater than 5. For example, if
the number of character is 8, edit the file accessed by /etc/login.defs.
Find out the line PASS_MIN_LEN 5 and change 8 to 5. Other safety measures
can also be set in this file, such as the period of validity for the
password.
There is no restricting for the root account. Special attention should
be given to the root account usage. Especially do not use the root account
