
Security Scan For Weak Directory Permission

  • World- and group-writable directories present a security problem if the users of a system have not set their umasks properly. It is good practice to scan for directories with loose permissions and prevent hackers from gaining privileges through this problem.

    Unix Directory Permission Scanning

    UNIX> find / -type d \( -perm -g+w -o -perm -o+w \) -exec ls -lad {} \;

    Any directories that are listed in the output should have the sticky bit set, which is denoted by a t in the directory’s permission bits. Setting the sticky bit on a world-writable directory ensures that even though anyone may create files in the directory, they may not delete or modify another user’s files. To get a list of directories that don’t have their sticky bit set, run this command:

    UNIX> find / -type d \( -perm -g+w -o -perm -o+w \) -not -perm -a+t -exec ls -lad {} \;
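The scan described above, wrapped as a reusable function and run against a small constructed directory tree. This is an added example, not code from the original page: the function names and the demo directory names are hypothetical, the octal masks are the equivalents of the symbolic modes used above, and it goes one step further by labelling each hit as world-writable or group-writable only.

```shell
#!/bin/sh
# Added example: report writable directories that lack the sticky bit.
# Octal masks used with -perm: 0002 = o+w, 0020 = g+w, 1000 = sticky (t).

scan_loose_dirs() {
    root=${1:-/}
    # World-writable and no sticky bit: the highest-priority findings.
    # -xdev keeps the scan on one filesystem (skips /proc, NFS mounts, ...).
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'world-writable %s\n' {} + 2>/dev/null
    # Group-writable only (not world-writable) and no sticky bit.
    find "$root" -xdev -type d -perm -0020 ! -perm -0002 ! -perm -1000 \
        -exec printf 'group-writable %s\n' {} + 2>/dev/null
}

# Build a constructed sample tree (hypothetical names) and print its path.
make_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/shared_tmp" "$demo/dropbox" "$demo/team" "$demo/private"
    chmod 1777 "$demo/shared_tmp"   # world-writable + sticky: not reported
    chmod 0777 "$demo/dropbox"      # world-writable, no sticky: reported
    chmod 0775 "$demo/team"         # group-writable, no sticky: reported
    chmod 0755 "$demo/private"      # owner-writable only: not reported
    printf '%s\n' "$demo"
}

# Run the scan on the sample tree, then clean up.
demo_root=$(make_demo_tree)
scan_loose_dirs "$demo_root"
rm -rf "$demo_root"
```

To scan a real system, call `scan_loose_dirs /` as root so that permission errors do not hide directories from the scan.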