Periodically audit file permissions for mistaken leaks

Tags: linux, security, user-permissions

I’m looking for a way to periodically check a file system tree for permissions that have been set incorrectly.

The context is:

  • this is in an academic compute environment, with students, researchers and overworked sysadmins
  • the focus is not on malicious actors, but rather mistakes made by any of the above
  • existing users/group hierarchy
  • prevention does not have to be immediate, we’re thinking of something that can run daily
  • ideally don’t want to have to install extra tools such as tripwire
  • don’t need a forensic trail to be captured

My hunch is a script that:

  • runs daily via cron
  • runs as a user with read permissions for the entire tree
  • checks that rwx is off for the “all” bits (more rules to be added)

Before I start this, is there an established way to do this that I’m not aware of?
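A script along the lines the question sketches, as an added example (it is not code from the question or from the answers below): a read-only walk of a tree that reports every file or directory with any of the "other" (world) permission bits set, separates world-writable from merely world-readable, honours an allowlist of paths that are meant to be public, and returns non-zero so cron mails the report. It assumes GNU find(1) for `-perm /MODE` and `-printf`; the allowlist path, the audit user and the crontab line are placeholders.

```shell
#!/bin/sh
# Daily audit of "other" (world) permission bits under one or more trees.
# Added example for this thread, not code from the question or its answers.
# Assumptions: GNU find(1) (for -perm /MODE and -printf); an optional allowlist
# file of exact paths that are meant to be world-readable; the cron line and
# the audit user below are placeholders.
set -eu

# audit_world_bits ROOT [ALLOWLIST]
# Prints one line per file or directory under ROOT that has any of the
# other-read/write/execute bits set:  <severity> <octal mode> <path>
# Paths listed one per line in ALLOWLIST are skipped.
audit_world_bits() {
    root=$1
    allow=${2:-/dev/null}
    # -perm /o+rwx: match if ANY of the "other" bits is set (not all of them).
    # -xdev: stay on one filesystem so /proc, /sys and NFS mounts are not walked.
    # -type f -o -type d: symlinks are skipped; their own mode bits are meaningless.
    # Errors (directories the audit user cannot enter) are left on stderr on
    # purpose: each one is a blind spot in the audit itself.
    find "$root" -xdev \( -type f -o -type d \) -perm /o+rwx -printf '%m %p\n' |
    while IFS=' ' read -r mode path; do
        # Allowlist match is exact and whole-line, so "/srv/www" does not
        # accidentally cover "/srv/www-private".
        grep -qxF -- "$path" "$allow" && continue
        # Last octal digit is the "other" triplet; 2,3,6,7 have the write bit set.
        case $mode in
            *[2367]) sev=world-writable ;;
            *)       sev=world-readable ;;
        esac
        printf '%s %s %s\n' "$sev" "$mode" "$path"
    done
}

# daily_audit ALLOWLIST ROOT...
# Cron entry point: prints the findings per tree and returns 1 when there are
# any, so cron mails the report to the owner of the crontab.
daily_audit() {
    allow=$1
    shift
    status=0
    for root in "$@"; do
        report=$(audit_world_bits "$root" "$allow")
        if [ -n "$report" ]; then
            printf '== %s ==\n%s\n' "$root" "$report"
            status=1
        fi
    done
    return "$status"
}

# Placeholder crontab line for a dedicated read-only audit user (assumption):
#   0 3 * * * /usr/local/sbin/perm-audit /etc/perm-audit.allow /home /srv
[ $# -eq 0 ] || daily_audit "$@"
```

Two practical points: the script only reports, it never chmods, so a mistaken allowlist entry costs a missed finding rather than a broken service; and any "Permission denied" lines in the cron mail mean the audit user is not actually able to read the whole tree (it needs membership in the relevant groups, or the run has to be done as root), which is worth fixing before trusting a clean report.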

You want to check AIDE or mtree.

More generic list of file integrity monitoring software.
