4.8. Using mtree to Audit File system Permissions
If you are reading this book we assume you have sensitive data to protect, and if so, you might want to consider routinely auditing your file system permissions. Earlier in this chapter, we learned of the dangers that can be had when permissions are poorly applied. An inadvertent write mode granted to a directory containing executables means that a malicious user can inject his own, executables, thereby granting him the ability to further exploit your system. The suid bit, when granted to an insecure program, can lead to a user subverting the program and gaining complete control of your box. If an executable must be suid to function, then there's not much you can do with POSIX or ACL permissions ...
Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
