HPE Community
Operating System - HP-UX
1833144 Members
3108 Online
110051 Solutions
New Discussion

what permissions for /etc files

 
ousseynou diagne
Occasional Contributor

‎06-12-2002 12:14 PM

‎06-12-2002 12:14 PM

what permissions for /etc files

We were configuring a modem on our Hp 9000 - UX 10.20 and changed by mistake all the permissions for the files under the /etc directories. We may have introduces some vulnerabilities on our system. I have attached the listing of the /etc files and permissions we now have. We run oracle 8 database on our HP -UX box. our user had problem accessing the database after the change was made, acces was denied on /dev/kmem. We fixed that problem by changin the permission on /dev/kmem.
What are the permissions we should set on all the /etc file to make our system more secure?

I want to have advice from people who have better understanding of permission on the /etc files before making any change.
Can you help Please?

Thanks

Jahn
0 Kudos
Reply
7 REPLIES 7
Rodney Hills
Honored Contributor

‎06-12-2002 12:18 PM

‎06-12-2002 12:18 PM

Re: what permissions for /etc files

If you have a backup tape, you could generate a listing of the permissions prior to the change, do a compare and then make the necessary adjustments.

my 2 cents

-- Rod Hills
There be dragons...
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎06-12-2002 12:24 PM

‎06-12-2002 12:24 PM

Re: what permissions for /etc files

Hi:

Have a look at 'swverify'.

Regards!

...JRF...
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎06-12-2002 12:28 PM

‎06-12-2002 12:28 PM

Re: what permissions for /etc files


Get your last backup and restore /etc. Remember you have to make sure the restore will write the "OLD" permissions back.

What kind of backup do you have of /etc ???


live free or die
harry
Live Free or Die
0 Kudos
Reply
PIYUSH D. PATEL
Honored Contributor

‎06-12-2002 12:33 PM

‎06-12-2002 12:33 PM

Re: what permissions for /etc files

Hi,

You can restore from backup or else you can view the contents of the backup and then see the permissions there and accordingly modify.

Piyush
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎06-12-2002 12:37 PM

‎06-12-2002 12:37 PM

Re: what permissions for /etc files

Hang on a second here....is it /dev OR /etc you changed perms on?
If you just altered /etc - how did perms on /dev/kmem get changed?
You better check *both* /etc AND /dev.
Do you have another HP system with which to compare?

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎06-12-2002 05:14 PM

‎06-12-2002 05:14 PM

Re: what permissions for /etc files

As mentioned, I'd be very concerned about the reason why /dev/kmem changed. However, you said that all the permissions changed in /etc. What command did you use? chmod? Or (much worse) chmod -R? Since the files and directories have different permissions, it's hard to understand what was changed.

/etc is a crucial directory as many very important config files and directories are stored there. But more important, there are a lot of 777 permissions n /etc, an indication that a severe security risk exists: umask has never been set. Wide open permissions means that nothing inside the file or directory is protected and the contents should be assumed to have been corrupted at some time in the past.

swverify takes a long time to run and to look at /etc, virtually every installed product as well as HP-UX subsystems must be checked. I think you will need a complete health check as soon as possible.


Bill Hassell, sysadmin
0 Kudos
Reply
ousseynou diagne
Occasional Contributor

‎06-14-2002 07:00 AM

‎06-14-2002 07:00 AM

Re: what permissions for /etc files


Thank you all for your help. I restored the etc files from backup using sam on a temp directory and listed the files and compare the permissions.

About dev/kmem it is strange, once the changes were made on the /etc files our users couldn't access the db anymore, getting error message cannot open /dev/kmem: permission denied. That issue has been reported in this forum. I was able to solve the kmem issue by changing the permission on /usr/sbin/lanscan with chmod 4555.

Again thanks
od
Jahn
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.