24. Filesystem security

The standard Unix filesystem provides security controls at the file level and the directory level. It is not the purpose of this document to go into detail about basic Unix filesystem properties, but some of the main issues relating to security are as follows:

The “setuid” bit. If the “setuid” bit is enabled on a file, then when the file is executed, it runs under the owner’s userid instead of the userid of the person executing it. Great care should be taken when implementing and using setuid programs!

    r-sr-sr-x 1 root sys 356640 Oct 15 1997 Sendmail

The file above is an example of a setuid program. When the file “sendmail” is executed (no matter by whom), it runs under the “root” userid.

The “write” bit set for ‘other’ mode. If the “write” bit is enabled for the ‘other’ mode on a file or directory, then it could essentially be changed by anyone who has access to the system.

    drwxr-xrwx 21 sneak users 1536 Jun 11 15:50 /home/sneak/

The directory above is an example of this. It allows anyone else on the system to write to that directory (and possibly change files within it). Extra precautions should be taken on system directories such as /etc, /bin, /usr and others. An exception to the rule is /tmp, to which typically anyone should be able to write.

More information is available in various man pages, including chmod, chown, chgrp and ls.

One useful tool, called tripwire, can monitor changes to system binaries. It is available at ftp://coast.cs.purdue.edu/pub/COAST/Tripwire.
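An audit for the two permission issues described above, as an added example that is not part of the original document. The function names are chosen for this example, and it assumes that a world-writable directory carrying the sticky bit (as /tmp normally does) is the accepted exception.

```sh
#!/bin/sh
# Added example: report setuid/setgid files and world-writable entries
# under a directory tree. Function names are hypothetical.

# Regular files with the setuid (4000) or setgid (2000) bit set.
find_setid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Regular files with the write bit set for 'other'.
find_world_writable_files() {
    find "$1" -xdev -type f -perm -0002 -print 2>/dev/null
}

# Directories writable by 'other' WITHOUT the sticky bit (1000).
# Assumption of this example: sticky world-writable directories such
# as /tmp are intentional and are not reported.
find_world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Print a three-part report for one tree. -xdev above keeps the scan on
# a single filesystem, so run it once per mounted filesystem.
audit_tree() {
    root=$1
    echo "== setuid/setgid files under $root"
    find_setid_files "$root"
    echo "== world-writable files under $root"
    find_world_writable_files "$root"
    echo "== world-writable directories (no sticky bit) under $root"
    find_world_writable_dirs "$root"
}

# Run only when a directory is given, e.g.:  sh audit.sh /usr
if [ "$#" -gt 0 ]; then
    audit_tree "$1"
fi
```

Saving the output and comparing it against a later run with diff shows newly introduced setuid programs or loosened permissions between the two runs.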