How will a server become vulnerable with chmod 777?

by

It allows filesystem content to be viewed and/or modified by anyone: assuming the attacker already has general system access which is very common on shared hosting platforms .. some are more “hardened” than others from the start. Here is a small incomplete list of possible attack vectors:

  1. “your safe code” could be overwritten with “their malicious code” which runs within the same web-server context .. could steal passwords/trojan, expose DB, delete content, etc. That is, someone else’s code can run under your security context.
  2. Content (e.g. “script source”) can possibly be viewed outside of the web-server (or owner) context. Have a “secure” password to connect to the DB? Well, not anymore…
  3. If content was protected by permissions (e.g. web-server couldn’t access before), the web-server might be able to access/list sensitive information… not good if you didn’t mean to share it. Different web-server configurations will also treat “listings” differently, which can also expose more than is desired.

In the above I also assume “group” to include the web-server principal and that there is a web-server (and/or shared hosting) involved which can be used as a primary attack vector and/or security vulnerability. However, and I stress this again: the list above is not complete.

While not “guaranteed safety”, using the most specific permissions can mitigate some vulnerabilities / exposure.

More Related Contents:

  1. Difference between Hashing a Password and Encrypting it
  2. In what cases will HTTP_REFERER be empty
  3. XMLHttpRequest cannot load file. Cross origin requests are only supported for HTTP
  4. Why Does OAuth v2 Have Both Access and Refresh Tokens?
  5. Practical non-image based CAPTCHA approaches?
  6. What is the best way to prevent session hijacking?
  7. How to restrict Firebase data modification?
  8. Why is security through obscurity a bad idea? [closed]
  9. Classic ASP SQL Injection Protection
  10. Will HTML Encoding prevent all kinds of XSS attacks?
  11. Password hashing, salt and storage of hashed values
  12. How are software license keys generated?
  13. How to properly do private key management
  14. Symfony2 extending DefaultAuthenticationSuccessHandler
  15. Docker and securing passwords
  16. OAuth2 and Google API: access token expiration time?
  17. What is the best Distributed Brute Force countermeasure? [closed]
  18. Should I hash the password before sending it to the server side?
  19. https URL with token parameter : how secure is it?
  20. Disable cross domain web security in Firefox
  21. SSL Error: unable to get local issuer certificate
  22. curl – Is data encrypted when using the –insecure option?
  23. How to redirect all HTTP requests to HTTPS using .htaccess rules?
  24. How to pass the value of a variable to the standard input of a command?
  25. Keygen tag in HTML5
  26. How to send password securely via HTTP using Javascript in absence of HTTPS?
  27. My website got hacked.. What should I do? [closed]
  28. Remember me Cookie best practice?
  29. buffer overflow example from Art of Exploitation book
  30. Understanding CSRF

Leave a Comment