Other security settings that don't fit the above-mentioned categories are listed here:
openSUSE comes with three predefined sets of file permissions for
system files. These permission sets define whether a regular user may
read log files or start certain programs. /etc/permissions.easy
for the complete
configuration. The file permissions are
designed for multi-user machines with network access. A thorough
explanation of these settings can be found in
/etc/permissions.secure
. The
settings are the most restrictive ones and
should be used with care. See
/etc/permissions.secure
for more information.
The program updatedb scans the system and creates a
database of all file locations which can be queried with the command
locate. When updatedb is run as
user nobody, only world-readable files will be added to the database.
When run as user root
, almost all files (except the ones root is
not allowed to read) will be added.
Whenever a program is called without specifying the full path to the
executable, the system looks in the user's search path (defined by the
variable $PATH
) for the executable. By default the
current directory is not added to the search path. This setting
ensures that, for example, /bin/ls
and not the
trojan horse /
is executed when entering
ls. In order to start a program in the current
directory the command must be prefixed with current
directory
/ls./
.
When activating these options, the current directory
(.
) is appended to the search path. It is
recommended you not change the default.
The magic SysRq key is a keycombo that enables you to have some
control over the system even when it has crashed. The complete
documentation can be found at
/usr/src/linux/Documentation/sysrq.txt
(requires
installation of the package kernel-source
).