
Security: directory and file permissions

Discussion in 'Security' started by Pda0, Jul 9, 2003.

  1. Pda0

    I've researched around, and finally I have seen that these commands are good for searching for insecure files/dirs:

    find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ldu '{}' \;
    find / -type d \( -perm -4000 -o -perm -2000 \) -exec ls -ldu '{}' \;
    find / -type d -perm -0777 -exec ls -ldu '{}' \;
    find /home -type f -perm -0777 -exec ls -ldu '{}' \;

    1] The first two look for setuid files and directories (the latest access time is shown instead of the creation time, which comes in handy). On a standard cpanel6 install there is not that much to see (there shouldn't be, anyway), unless there's a writable dir/file.

    I thought that it would be nice to build a script that checks suid/sgid files/dirs _with_ write permissions, but I would like to know if I'm following the right theory before coding it (any opinions?).

    2] The third command looks for world-writable directories. On a standard cpanel6 install I got A LOT of them! Is this really bad, other than possibly letting a user scatter files through the server?

    3] The fourth and last command looks for world-writable executable files through the standard account directory of cpanel6. This is bad, as by doing this a user can easily hijack other users' accounts if the file is a .php, .pl, etc., executable file. In plain cpanel6 I think there are no files like this (I'm unsure).

    What about building a script that looks for these world-writable files in each user's web directory, mailing a warning?

    ......

    Well, that's about it. I'm dying for opinions :)

    .pd

  2. Pda0

    Anyone?

  3. SteveD3

    I think it's a good idea; however, I'm not a script writer.

    my $0.02


    -Steve

  4. rbmatt

    It would be fairly simple.. would you just want it to run via cron?

    A simple bash script like..

    CHECK1=$(find / -type f \( -perm -4000 -o -perm -2000 \) -exec ls -ldu '{}' \;)

    CHECK2=$(find / -type d \( -perm -4000 -o -perm -2000 \) -exec ls -ldu '{}' \;)

    etc. then splice them together and mail it.

  5. Pda0

    Actually, I was hoping for comments to the questions I stated :D

    1] Suid/sgid files without write permissions are ok?
    2] Are world-writable directories ok?
    3] World-writable php files can lead to account hijacks, right? (Assuming phpsuexec enabled)

    Thanks ;)

    .pd

  6. howard

    Not entirely sure about 1), so I will just answer 2) and 3).

    2) World-writable directories are in general a bad idea (unless the sticky bit is set) and are often exploited to hide cracker tools in.

    3) Yes, and they can also be used in website defacements.

    find / -nouser -or -nogroup can also be useful in identifying files which don't have a user or group assigned to them (this will be especially obvious on a busy cpanel system; as previously noted elsewhere, cpanel doesn't tidy up that well after an account deletion).
     
    #6 howard, Jul 13, 2003
    Last edited: Jul 13, 2003
  7. Pda0

    The bad part is that in Cpanel there are ZILLIONS of [2]!!

    :(

    .pd

  8. rbmatt

    Just about every gallery script or upload manager has these.. I wish things were just more secure!

  9. Pda0

    No.. world-writable permissions aren't needed when using phpsuexec.

    As the http process is forked with the user's uid/gid, only group or user write permissions allow the script to write.

    .pd

  10. rbmatt

    Yea, but we don't run phpsuexec. I guess it's too developmental. And I don't think it works with the latest php version.

  11. mmkassem

    It works with it now.


    Anyway, the Cpanel 7.2.0 updates make a lot of files world-writable. :( :(

    I reported that but I did not get any reply.

  12. Pda0

    What do you mean developmental? :) Have you actually tried it? ;)

    .pd

  13. mmkassem

    try this program:
    http://www.r-fx.net/faf.php

    It will report to you all the unowned files, and world-writable ones (not only 777, there are many forms of world-writable), and more ...

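A shell version of the audit Pda0 sketches in the first post, as an added example that is not code from the thread or from cPanel: it combines the setuid/setgid search with a write-permission test, reports world-writable directories that lack the sticky bit (howard's point), and matches any world-writable mode rather than only 777 (mmkassem's point). The sample tree it builds is constructed for the demo; the function and path names are my own.

```shell
#!/bin/sh
# Added example: permission audit helpers in the spirit of the thread's find
# commands. Nothing here is cPanel's own code. Each check takes a root to scan.

# Setuid/setgid files that the group or everyone can write to. A writable
# setuid file is the dangerous case: its owner runs whatever replaces it.
writable_suid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        \( -perm -0020 -o -perm -0002 \) -exec ls -ldu '{}' \;
}

# World-writable directories without the sticky bit. 1777 (like /tmp) is the
# expected shape; plain 777 lets any user remove or rename others' files.
ww_dirs_nosticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec ls -ldu '{}' \;
}

# World-writable regular files of any mode (666, 777, ...), not only 777.
ww_files() {
    find "$1" -xdev -type f -perm -0002 -exec ls -ldu '{}' \;
}

# Build a constructed sample tree so the checks can be run offline.
# Prints the path of the tree; the caller removes it when done.
build_sample() {
    root=$(mktemp -d)
    mkdir -p "$root/tmp" "$root/upload" "$root/home/u1/public_html" "$root/bin"
    chmod 1777 "$root/tmp"       # sticky: expected, not reported
    chmod 777 "$root/upload"     # no sticky: reported
    touch "$root/bin/su_ok" "$root/bin/su_bad" "$root/home/u1/public_html/x.php"
    chmod 4755 "$root/bin/su_ok"    # setuid, writable only by owner: not reported
    chmod 4775 "$root/bin/su_bad"   # setuid and group-writable: reported
    chmod 666 "$root/home/u1/public_html/x.php"   # world-writable: reported
    printf '%s\n' "$root"
}

# Run the three checks over the sample tree and print a report.
demo() {
    root=$(build_sample)
    echo "== writable setuid/setgid files"; writable_suid "$root"
    echo "== world-writable dirs without sticky bit"; ww_dirs_nosticky "$root"
    echo "== world-writable files under home"; ww_files "$root/home"
    rm -rf "$root"
}

# Usage: sh audit.sh --demo  (or source it and call the checks on / and /home)
if [ "${1:-}" = "--demo" ]; then demo; fi
```

On a real host, pipe the three functions' output into mail from a cron job as rbmatt suggests; an empty report is the expected steady state.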
  14. Pda0

    Looks nice.

    I'll check it out. Thanks

    .pd
