Improper Filesystem Permissions



Description

Improper filesystem permissions vulnerabilities occur when the filesystem permissions are not sufficiently restricted, either as a result of the application not setting strict enough permissions or the user/administrator/customer not securing the system sufficiently.

All applications are affected by improper filesystem permissions vulnerabilities.

Impact

The impact of improper filesystem permissions depends heavily on the specific files that are exposed and the specific application that is vulnerable.

Native code privileged system applications are the most seriously affected by improper filesystem permissions. For example, if working files of a privileged system application are exposed, an attacker might be able to replace them with malicious data and cause the vulnerable application to execute arbitrary code with superuser privileges.

Web applications are usually only affected by improper filesystem permissions if there are additional vulnerabilities in the application. A vulnerability that allows the attacker to upload malicious code might be mitigated by strong filesystem permissions, but if the application has write permissions to web accessible directories, the attacker will be able to upload the malicious code and take over the application.

Improper filesystem permissions also greatly simplify the task of backdooring a compromised system by creating locations where backdoors might be hidden. For example, if application files are not write-protected, the attacker will be able to replace them with backdoored versions.

Lastly, improper filesystem permissions affect the systems themselves, especially user data. For example, if the system is configured to allow unprivileged users to read the superuser's files, an attacker that has gained access to the system might find authentication credentials, like SSH or RDP keys, stored by the administrator.

Countermeasures

To prevent improper filesystem permission vulnerabilites, harden the server.

Application Check

To verify that improper filesystem permission vulnerabilities are prevented, make sure the server is hardened.

!Have a comment about this article? Send our team an email.