Profile Applicability:
Level 1

Description:
 System file permissions control access to critical files and directories, preventing unauthorized users from reading, modifying, or executing sensitive data. Regular auditing of file permissions ensures compliance with security policies and reduces the risk of privilege escalation or data breaches.

Rationale:
 Auditing system file permissions helps identify misconfigurations, overly permissive access, or unauthorized changes that could compromise system security.

Impact:
 Pros:

  • Ensures system files are securely protected.

  • Detects potential security weaknesses before exploitation.

Cons:

  • Manual audits can be time-consuming and require expertise.

Default Value:
 File permissions vary based on distribution and system configuration; no default audit is typically enforced.

Pre-requisites:

  • Root or sudo privileges to examine and modify system files and permissions.

  • Access to system auditing tools or scripts.

Remediation:

Test Plan:

Using Linux command line:

   1. Use tools like ls -lfind, or specialized scripts to list and review permissions of critical files:   

find /etc -type f -exec ls -l {} \;  
find /bin /sbin /usr/bin /usr/sbin -type f -perm /o+w -exec ls -l {} \;


       2. Check for files with world-writable or otherwise insecure permissions.
       3. Compare against security baselines or benchmarks.

Implementation Plan:

Using Linux command line:

    1. Adjust file permissions to conform with security standards. For example:    

chmod o-w /path/to/file  
chown root:root /path/to/file

        2. Use configuration management or auditing tools (e.g., OpenSCAP, Lynis) to automate checks.

        3.Document and monitor permission changes.

Backout Plan:

Using Linux command line:

  1. Restore previous file permissions from backups if changes cause issues.

  2. Review and adjust permissions carefully to maintain system functionality.

References: