Unix file, folder permissions, security auditing tools.


 
Thread Tools Search this Thread
Operating Systems Solaris Unix file, folder permissions, security auditing tools.
# 1  
Old 03-01-2011
Unix file, folder permissions, security auditing tools.

I want to periodically check if ASCII password/config files on Unix[solaris8] have 400 or 600 access. Folders and files are owned by designated group and user. Folders and Files do not have world write access.

Are there any tools/scripts available for this kind of auditing that I can use on Solaris?
# 2  
Old 03-01-2011
Try googling for "BART" and "ASET". They are available for Solaris 10, I don't know if you can use them with Solaris 8...
# 3  
Old 03-01-2011
Those two tools appear to be geared towards system administrators.
I am mostly interested in checking just application folders and files.

Are there any custom scripts that only check folders and files not worry about super user level auditing.
# 4  
Old 03-01-2011
You could ls -l /home/*/.passwordfile and parse the resulting output for permissions etc.
# 5  
Old 03-01-2011
I can use find to check more evident conditions
Code:
 
find . -user <user> -perm [<-perm#>|<-u=xxx,g=xx>] ..

I am thinking in terms of ignoring link files. Not worrying about owner of files that has GID bit set. [ these two scenarios I know ]

Are there any other scenarios that are not more evident but should be considered for this kind of generic script !? One example is check for broken link files!
# 6  
Old 03-02-2011
You could also check the checksum of the files. This gives a unique number associated with the file and its contents. If the contents change but the size, permissions and mod time stay the same, the checksum will change.

Code:
# cd /tmp
# echo "this file is ok" > file
# cksum file
3592584977 16 file
# echo "the file is new" > file
# cksum file
3405287892 16 file



HTH
# 7  
Old 03-02-2011
Thanks for the idea.
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. Ubuntu

Folder permissions

Hi Team, I want to set permissions to one folder in such a way that the user can write files or create folder inside that but should not able to delete it. Basically reason behind this is i am using Pidgin Messenger. There is a directory of logs in which, when user chat its store his logs.... (2 Replies)
Discussion started by: paragnehete
2 Replies

2. Tips and Tutorials

Unix File Permissions

Introduction I have seen some misinformation regarding Unix file permissions. I will try to set the record straight. Take a look at this example of some output from ls: $ ls -ld /usr/bin /usr/bin/cat drwxrwxr-x 3 root bin 8704 Sep 23 2004 /usr/bin -r-xr-xr-x 1 bin bin ... (6 Replies)
Discussion started by: Perderabo
6 Replies

3. Shell Programming and Scripting

Unix File Permissions

I want to change one of my Dir permissions to drwx--S--- Can you tell me which number i have to use. Thanks in Advance (4 Replies)
Discussion started by: veeru
4 Replies

4. Cybersecurity

Directory of Security Links (Software Tools)

Hello, If you are interested in security, check out this new directory of unix and linux related software tools. Security - Links If you have any of your favorite tools, feel free to add them to the directory. (0 Replies)
Discussion started by: Neo
0 Replies

5. Windows & DOS: Issues & Discussions

folder permissions

I work for a big company and all the people within my unit share a common drive to save documents to. I am listed in the group(AMS group) that has access rights to folders within this drive. but i'm trying to restrict access to a confidential folder so that only I can access it. when I set the... (0 Replies)
Discussion started by: shed
0 Replies

6. UNIX for Advanced & Expert Users

UNIX File Permissions

Hello, What does the following mean in terms of file permissions. -rw-rwSrw- 1 owner group 999 May 25 2004 file_name What does the "S" stand for. Thanks in advance for your input. :) (3 Replies)
Discussion started by: jerardfjay
3 Replies

7. Cybersecurity

Unix Security and auditing

I am starting an audit of unix security within our company and am looking for any information that may assist me with this. I am looking for any tips or pointers that I should be aware of when looking at unix. I am very new to unix so any help will do. Maybe there is someone out the that has had... (3 Replies)
Discussion started by: GW01
3 Replies
Login or Register to Ask a Question