Securing Users
At this point, only the initial user who can assume the root role
has access to the system. The following tasks are best performed in order
before regular users can log in.
Table 2 Securing Users Task Map
| | |
Configure restrictive file permissions for regular users.
| Sets a more restrictive value than 022 for file permissions
for regular users.
|
|
Set account locking for regular users.
| On systems that are not used for administration, sets account locking
system-wide and reduces the number of logins that activate the lock.
|
|
Preselect the cusa audit class for all users.
| Provides better monitoring and recording of potential threats to the
system.
|
|
Create roles.
| Distributes discrete administrative tasks to several trusted users so
that no one user can damage the system.
You can use predefined ARMOR roles, create your own roles, or extend ARMOR with your own roles.
|
|
Reduce the number of visible GNOME desktop applications.
| Prevents users from using desktop applications that can affect security.
|
|
Limit a user's privileges.
| Removes basic privileges that users do not need.
|
|
|