188.8.131.52 File System
(Page 1 of 2)
File system issues are important to consider when hardening an OS. These relate to both the type of file system chosen, and the access controls on information stored in them.
In most modern operating systems, an administrator can choose to format a disk in any number of standardized formats, called file systems. For example, in the Windows world, there is NTFS, FAT-32, FAT-16, etc. In the UNIX world, there are MS-DOS compatible file systems, JFS, extfs, ReiserFS, etc. The best way to make sense of these is to study your documentation, as complete coverage of the attributes of these file systems is beyond the scope of this document.
Several security-related aspects of file systems are important to consider when choosing a file system:
As noted above, some file systems are notorious for losing data when the system crashes. Other file systems are noteworthy for being robust, such as the JFS (journaling file system)359 available for Linux. When thinking about file system security, its tempting to focus primarily on access controls. But its important to also take into account the reliability of the file system if your data disappears when there are system problems, it can cause as much business disruption as a cracker intrusion.
Of course, one should also visit the topic of proper file access control configuration. File access permissions provided by an OS depend on the file system involved. As mentioned above, some file systems like the Windows FAT-32 file system and its ancestors provide no file access control permissions (giving everyone locally accessing the machine full permissions to all files and instead leaving it up to network share permissions to control access granted to remote users).
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.