1.Verify permissions on passwd, shadow, group, and gshadow files cd /etc chown root:root passwd shadow group gshadow chmod 644 passwd group chmod 400 shadow gshadow 2.Verify all world-writable directories have sticky bits set Find all the files that are world-writable and do not have their sticky bits set. find / -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print Set the sticky bit ( # chmod +t {dir} ) for all the directories that result from running the aforementioned command. 3.Find unauthorized world-writable files Find all the files that are world-writable and fix each file listed. find / -xdev -type f -perm -0002 -print Set the right permissions (# chmod o-w {file}) for all the files generated by running the aforementioned command. 4.Find and repair un-owned files Find all the files that do not belong to a valid user or group and either assign an owner or remove the file, as appropriate. find / -xdev \( -nouser -o -nogroup \) -print 5.Verify all world-writable directories have proper ownership Find all the directories that are world-writable and ensure they are owned by either root or a system account (assuming only system accounts have a UID lower than 500). If the command generates any output, verify the assignment is correct or reassign it to root. find / -xdev -type d -perm -0002 -uid +500 -print |
DCA Security FAQ >