Kurtseifried (talk | contribs) No edit summary |
Latest revision as of 17:18, 18 June 2015
Have secure by default permissions for configuration and log files
Proposed change
All configuration files (e.g. files in /etc/) and all log files (e.g. files in /var/log/) must not be world-readable unless there is a functional reason for it. By default, configuration files should be chmod 0600 or 0640 and log files should be chmod 0600. This is due to a continuing number of security issues with world-readable files that contain sensitive information (e.g. passwords and access tokens, or logged usernames and commands).
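One way to check a system or a package's installed files against these defaults, as an added example that is not part of the guideline itself: the function names (audit_tree, audit_defaults, demo) and the sample file names are made up for illustration, and the sample tree is constructed so nothing under /etc is touched.

```sh
#!/bin/sh
# Added example (not from the guideline): report files more permissive than
# the proposed defaults, 0640 for configuration files and 0600 for log files.

# audit_tree DIR MAX: print every regular file under DIR that has any
# permission bit set outside the octal maximum MAX.
audit_tree() {
    dir=$1
    mask=$(( 0777 & ~0${2#0} ))        # bits MAX does not allow, e.g. 0640 -> 0137
    set --                             # rebuild "$@" as: -perm -BIT -o -perm -BIT ...
    for bit in 0400 0200 0100 0040 0020 0010 0004 0002 0001; do
        [ $(( $mask & $bit )) -ne 0 ] || continue
        [ $# -eq 0 ] || set -- "$@" -o
        set -- "$@" -perm "-$bit"
    done
    [ $# -gt 0 ] || return 0           # MAX=0777 forbids nothing
    find "$dir" -xdev -type f \( "$@" \) -print | sort
}

# audit_defaults ETC_DIR LOG_DIR: apply the defaults proposed above.
audit_defaults() {
    audit_tree "$1" 0640
    audit_tree "$2" 0600
}

# Constructed sample tree so the check can be tried without touching /etc.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/etc" "$root/log"
    for spec in etc/app.conf:0640 etc/db.conf:0644 log/app.log:0600 log/auth.log:0640; do
        : > "$root/${spec%:*}"
        chmod "${spec#*:}" "$root/${spec%:*}"
    done
    audit_defaults "$root/etc" "$root/log" | sed "s|^$root/||"
    rm -rf "$root"
}

demo
```

On a real system, run `audit_defaults /etc /var/log` as root; files that have a functional reason to be world-readable will also be listed and need to be reviewed individually.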
Rationale
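Lax permissions on configuration and log files have resulted in a number of security issues exploitable by local users. E.g.:
CVEs for configuration file permissions: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=configuration+file+permissions
CVEs for log file permissions: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=log+file+permissions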
Please note that the above lists are by no means a complete listing of the security flaws that have resulted from lax permissions.