- Home
- Server Administration
- LPIC-1 Linux Administrator 101
71.
When should programs be configured SUID root?
- A.At all times; this permission is required for executable programs
- B.Whenever a program should be able to access a device file
- C.Only when they require root privileges to do their job
- D.Never; this permission is a severe security risk
- E.Whenever the program file is owned by the root user
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
The set user ID (SUID) bit enables programs to run as the program’s owner rather than as the user who ran them. This makes SUID root programs risky, so setting the SUID bit on root-owned programs should be done only when it’s required for the program’s normal functioning, as stated in option C. This should certainly not be done for all programs because the SUID bit is not required of all executable programs as option A asserts. Although the SUID root configuration does enable programs to access device files, the device files’ permissions can be modified to give programs access to those files, if this is required, so option B is incorrect. Although SUID root programs are a security risk, as stated in option D, they’re a necessary risk for a few programs, so option D goes too far. Many program files that should not be SUID root are owned by root, so option E is incorrect. |
72.
Which of the following commands would you type to enable world read access to the file
myfile.txt? (Assume that you’re the owner of myfile.txt.)
- A.chmod 741 myfile.txt
- B.chmod 0640 myfile.txt
- C.chmod u+r myfile.txt
- D.chmod a-r myfile.txt
- E.chmod o+r myfile.txt
- Answer & Explanation
- Report
Answer : [E]
Explanation :
Explanation :
Using symbolic modes, the o+r option adds read (r) permissions to the world (o). Thus, option E is correct. Option A sets the mode to rwxr----x, which is a bit odd and doesn’t provide world read access to the file, although it does provide world execute access. Option B sets the mode to rw-r-----, which gives the world no access whatsoever to the file. Option C adds read access to the file for the owner (u) if the owner doesn’t already have this access; it doesn’t affect the world permissions. Option D removes read access for all users, so it’s incorrect. |
73.
Which of the following umask values will result in files with rw-r----- permissions?
- A.640
- B.210
- C.022
- D.027
- E.138
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
Option D, 027, removes write permissions for the group and all world permissions. (Files normally don’t have execute permissions set, but explicitly removing write permissions when removing read permissions ensures reasonable behavior for directories.) Option A, 640, is the octal equivalent of the desired rw-r----- permissions; but the umask sets the bits that are to be removed from permissions, not those that are to be set. Option B, 210, would remove write permission for the owner, but it wouldn’t remove write permission for the group, which is incorrect. This would also leave all world permissions open. Option C, 022, wouldn’t remove world read permission. Option E, 138, is an invalid umask, since all the digits in the umask must be between 0 and 7. |
74.
You see the usrquota and grpquota options in the /etc/fstab entry for a filesystem.
What is the consequence of these entries?
- A.Quota support will be available if it’s compiled into the kernel; it will be automatically activated when you mount the filesystem.
- B.User quotas will be available, but the grpquota option is invalid and will be ignored.
- C.Quota support will be disabled on the filesystem in question.
- D.Nothing; these options are malformed and so will have no effect.
- E.Quota support will be available if it’s compiled into your kernel, but you must activate it with the quotaon command.
- Answer & Explanation
- Report
Answer : [E]
Explanation :
Explanation :
Using quotas requires kernel support, the usrquota or grpquota (for user or group quotas) filesystem mount option, and activation via the quotaon command (which often appears in system startup scripts). Thus, option E is correct. Option A suggests that quotaon is not necessary, which is incorrect. Option B’s statement that grpquota is invalid is incorrect. Option C’s statement that these options disable quota support is backward. The usrquota and grpquota options are both valid, so option D is incorrect. |
75.
Which of the following commands can be used to summarize the quota information about
all filesystems?
- A.repquota
- B.repquota -a
- C.quotacheck
- D.quotacheck –a
- E.edquota -a
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
The repquota utility is used to summarize the quota information about the filesystem. When used with the –a option, it shows this information for all filesystems, so option B is correct. This command won’t return useful information when typed alone, though, so option A is incorrect. The quotacheck utility checks quota information about a disk and writes corrections, so options C and D are both incorrect. The edquota utility enables you to edit quota information. It doesn’t summarize quota information, and -a isn’t a valid option to edquota. Thus, option E is incorrect. |