DCA Security FAQ‎ > ‎

Verify Permissions on Important Files and Directories

posted Oct 10, 2012, 7:21 AM by Sachchida Ojha
1.Verify permissions on passwd, shadow, group, and gshadow files
cd /etc
chown root:root passwd shadow group gshadow
chmod 644 passwd group
chmod 400 shadow gshadow

2.Verify all world-writable directories have sticky bits set
Find all the files that are world-writable and do not have their sticky bits set.
find / -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print
Set the sticky bit ( # chmod +t {dir} ) for all the directories that result from running the aforementioned command.

3.Find unauthorized world-writable files
Find all the files that are world-writable and fix each file listed.
find / -xdev -type f -perm -0002 -print
Set the right permissions (# chmod o-w {file}) for all the files generated by running the aforementioned command.

4.Find and repair un-owned files
Find all the files that do not belong to a valid user or group and either assign an owner or remove the file, as appropriate.
find / -xdev \( -nouser -o -nogroup \) -print

5.Verify all world-writable directories have proper ownership
Find all the directories that are world-writable and ensure they are owned by either root or a system account (assuming only system accounts have a UID lower than 500). If the command generates any output, verify the assignment is correct or reassign it to root.
find / -xdev -type d -perm -0002 -uid +500 -print
Comments