Linux: Insecure Permissions on Files and Folders #185
Labels
bug
Something isn't working
EPIC - Pen-test fixes
Fixing security issues found during penetration testing
MVP
Things that need to be considered for the MVP release
The penetration testing report showed that (page 57):
The Julia programming language was installed in a directory with world-write permissions, enabling low privileged users to tamper with binaries.
The Julia programming language was installed within the
/opt
directory with permissions that permit any user to modify, read or execute the file, typically achieved by executing achmod 777
command.It was also noted that the users were “orphaned”, as the owner of the file no longer existed on the system.
This is a medium level risk, but is something we must fix before the next pen-test.
The text was updated successfully, but these errors were encountered: