LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   ufw status world writeable group writeable (https://www.linuxquestions.org/questions/linux-security-4/ufw-status-world-writeable-group-writeable-931618/)

masuch 02-27-2012 04:46 PM
ufw status world writeable group writeable
 
Hi,

ufw status:

WARN: /etc/ufw/applications.d/apache2.2-common is world writable!
WARN: /etc/ufw/applications.d/apache2.2-common is group writable!
WARN: /etc/ufw/applications.d/bind9 is world writable!
WARN: /etc/ufw/applications.d/bind9 is group writable!
WARN: /etc/ufw/applications.d/samba is world writable!
WARN: /etc/ufw/applications.d/samba is group writable!

is it enough to correct this error by:
sudo chmod 755 /etc/ufw/applications.d/bind9
sudo chmod 755 /etc/ufw/applications.d/samba
sudo chmod 755 /etc/ufw/applications.d/apache2.2-common

or do i need to do some more ?

thank you,
regards,
M.

Noway2 02-28-2012 08:18 AM
These are files that you would not want unprivileged users from being able to modify (write). Yes, changing the permissions would be appropriate. If they are directories, 755 is generally a good choice and if they are files the similar 644, which removes the executable flag. This still allows "others" read access to these files which may be required for the application to utilize them.

masuch 02-28-2012 10:31 AM
Thanks a lot for explanation. I had to change permissions to 644 - they are files.


All times are GMT -5. The time now is 12:51 AM.