Page 303 - DCAP403_Operating System
P. 303
Operating System
Notes Figure 13.16: Forwarding Information Database
fib_zones
fib_node
fib_next
fib_dst
fib_info
fib_use
fib_zone fib_info fib_next
fib_metric fib_prev
fz_next
fib_los fib_gateway
fz_hash_table
fib_dev
fz_list
fib_befent
fz_nent
fib_window
fz_logmask
fib_flage
fz_mask
fib_roto
fib_itll
fib_node
fib_next
fib_dst
fib_info
fib_use
fib_info fib_next
fib_mmetric fib_prev
fib_los fib_gateway
fib_dev
fib_befent
fib_window
fib_flage
fib_roto
fib_itll
Several routes may exist to the same IP subnet and these routes can go through one of several
gateways. The IP routing layer does not allow more than one route to a subnet using the same
gateway. In other words, if there are several routes to a subnet, then each route is guaranteed
to use a different gateway. Associated with each route is its metric. This is a measure of how
advantageous this route is. A route’s metric is, essentially, the number of IP subnets that it must
hop across before it reaches the destination subnet. The higher the metric, the worse the route.
13.10 Security
Linux, like any computer system, has a set of security issues that need to be considered.
Regardless of what mechanisms are in place, the basic concepts are the same. In fact, the security
of a computer system is very much like the security of a house, just as running a computer system
is like running a household.
A knowledgeable user with root access to another Linux system can gain access to yours if
they have physical access. Even without access to another system, if that user has access to
the installation fl oppies, they can get into your system. Once in, it doesn’t matter what kind of
security is has been configured on the hard disk since the only security the system knows is what
it has been told by the fl oppy.
Regardless of what security issue you are talking about, any breach in security can be prevented
by not allowing access to the system. Now, this can be taken to extremes by not letting anyone to
have access. However, by limiting access to the system to only authorized users, you substantially
lower the risk of breaches in security. Keep in mind that there is no such thing as a secure system.
This is especially important when you consider that the most serious threat comes from people
who already have an account on that system.
Access control has been a part of Linux for a long time. It is a fundamental aspect of any
multi-user system. The most basic form of access control is in the form of user accounts. The only
way you should be able to gain access to a Linux system is through an account. Users usually
gain access to the system when they have an account set up for them. Each user is assigned an
296 LOVELY PROFESSIONAL UNIVERSITY
