Other security settings that don't fit the above-mentioned categories are listed here:
openSUSE comes with three predefined sets of file permissions for
system files. These permission sets define whether a regular user may
read log files or start certain programs. file
permissions are suitable for standalone machines. This settings allows
regular users, for example, to read most system files. See the file
/etc/permissions.easy for the complete
configuration. The file permissions are
designed for multi-user machines with network access. A thorough
explanation of these settings can be found in
/etc/permissions.secure. The
settings are the most restrictive ones and
should be used with care. See
/etc/permissions.secure for more information.
The program updatedb scans the system and creates a
database of all file locations which can be queried with the command
locate. When updatedb is run as
user nobody, only world-readable files will be added to the database.
When run as user root, almost all files (except the ones root is
not allowed to read) will be added.
Whenever a program is called without specifying the full path to the
executable, the system looks in the user's search path (defined by the
variable $PATH) for the executable. By default the
current directory is not added to the search path. This setting
ensures that, for example, /bin/ls and not the
trojan horse / is executed when entering
ls. In order to start a program in the current
directory the command must be prefixed with current
directory/ls./.
When activating these options, the current directory
(.) is appended to the search path. It is
recommended you not change the default.
The magic SysRq key is a keycombo that enables you to have some
control over the system even when it has crashed. The complete
documentation can be found at
/usr/src/linux/Documentation/sysrq.txt (requires
installation of the package kernel-source).