Periodically audit file permissions for mistaken leaks


I’m looking for a way to periodically check a file system tree for permissions that have been set incorrectly.

The context is:

  • this is in an academic compute environment, with students, researchers and overworked sysadmins
  • the focus is not on malicious actors, but rather mistakes made by any of the above
  • existing users/group hierarchy
  • prevention does not have to be immediate, we’re thinking of something that can run daily
  • ideally don’t want to have to install extra tools such as tripwire
  • don’t need a forensic trail to be captured

My hunch is a script that:

  • runs daily via cron
  • runs as a user with read permissions for the entire tree
  • checks that rwx is off for the “all” bits.. (more rules to be added)

Before I start this, is there an established way to do this that I’m not aware of?

You want to check AIDE or

More generic list of File integrity monitoring software
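As an added example (not part of the original question or answer), the daily check the question sketches can be done with `find` alone, with no extra tools installed. The function names, the optional allowlist file and the paths in the cron comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report entries that grant any permission to "other".
# Hypothetical cron entry (script path and tree are assumptions):
#   15 3 * * * /usr/local/sbin/audit-perms.sh /srv/projects /etc/audit-perms.allow
# cron mails whatever the job prints, so a clean tree produces no mail.

# Print every non-symlink entry under $1 with o+r, o+w or o+x set.
# Symlinks are skipped: their own mode bits are not used for access checks.
# Errors from find (unreadable directories) go to stderr on purpose, so
# gaps in the audit user's read access show up in the report.
list_other_access() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Audit tree $1. Optional $2 is a file of exact paths (one per line) that
# are allowed to be world-accessible. Prints "ls -ld" for each finding.
# Returns 0 when the tree is clean, 1 when there are findings.
# Note: paths containing newlines are not handled by this line-based filter.
audit_tree() {
    root=$1
    allow=${2:-/dev/null}
    findings=$(list_other_access "$root" | grep -vxFf "$allow" || true)
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings" | while IFS= read -r path; do
        ls -ld -- "$path"
    done
    return 1
}

# Run the audit only when a tree is given on the command line.
if [ -n "${1:-}" ]; then
    audit_tree "$1" "${2:-/dev/null}"
fi
```

Further rules can be added as extra `find` predicates in the same style, each in its own function so the report says which rule fired.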
