IT Baseline Protection Manual S 4.19 Restrictive allocation of attributes for Unix system files and directories

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

The measures listed here apply to files and directories for which the administrator is responsible, i.e. those which are either of importance to all users or serve administration purposes. It is not sufficient to check the access rights of a single program: the rights of every program that it calls in turn must be checked as well (in particular to prevent Trojan horses from being introduced through a writable helper).

The attributes of all system files should, as far as possible, be set in such a way that only the system administrator has access to them. Directories should provide no more than the required privileges for users.

The s-bit (setuid/setgid) should be set only when absolutely required. It should never be set on shell scripts. Only the administrator may set the s-bit; the reason for each setting must be justified and documented.

In directories to which all users must have write access (e.g. /tmp), the t-bit (sticky bit) should be set.
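The following audit script is an added example written for this page; it is not part of the BSI manual. It turns the three rules above (s-bit only where justified and never on scripts, no world-writable system files, sticky bit on shared directories) into `find`-based checks that an administrator can run over a tree, and builds a constructed fixture tree so the checks can be exercised offline. The fixture paths and contents are made up for the demonstration.

```shell
#!/bin/sh
# Added example for S 4.19 (not BSI code): attribute audit helpers for a Unix tree.
# Each check prints one offending path per line for the directory given as $1.

# Files carrying the s-bit (setuid 4000 or setgid 2000): every one needs a documented reason.
find_sbit_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# s-bit files that are scripts (content starts with "#!"): the s-bit must never
# be set on shell scripts, so these are findings regardless of any justification.
find_sbit_scripts() {
    find_sbit_files "$1" | while IFS= read -r f; do
        if [ "$(head -c 2 "$f" 2>/dev/null)" = "#!" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Directories writable by everyone (o+w) that lack the t-bit (sticky, 1000).
find_world_writable_dirs_without_sticky() {
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

# Regular files writable by everyone: system files must not be.
find_world_writable_files() {
    find "$1" -type f -perm -0002 2>/dev/null | sort
}

# Number of findings for one check; used by the report and by tests.
count_findings() {
    "$1" "$2" | wc -l | tr -d ' '
}

# Remediation for the most common finding: a shared directory without the t-bit.
fix_sticky() {
    chmod +t "$1"
}

# Constructed fixture tree (sample data, not a real system); prints its path.
make_fixture() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/bin" "$root/tmp" "$root/shared" "$root/etc"
    printf 'binary placeholder\n' > "$root/bin/app";        chmod 4755 "$root/bin/app"       # setuid binary
    printf '#!/bin/sh\necho hi\n'  > "$root/bin/helper.sh"; chmod 4755 "$root/bin/helper.sh" # setuid script: finding
    printf 'key=value\n'           > "$root/etc/app.conf";  chmod 666  "$root/etc/app.conf"  # world-writable: finding
    printf 'safe\n'                > "$root/etc/safe.conf"; chmod 644  "$root/etc/safe.conf" # fine
    chmod 1777 "$root/tmp"     # correct: world-writable with sticky bit
    chmod 777  "$root/shared"  # finding: world-writable, no sticky bit
    printf '%s\n' "$root"
}

report() {
    echo "== s-bit files (need documented justification) ==";        find_sbit_files "$1"
    echo "== s-bit set on scripts (remove the bit) ==";               find_sbit_scripts "$1"
    echo "== world-writable dirs without sticky bit (chmod +t) ==";   find_world_writable_dirs_without_sticky "$1"
    echo "== world-writable files (chmod o-w) ==";                    find_world_writable_files "$1"
}

# Run with --demo to audit the fixture; otherwise the functions are only defined,
# so the script can be sourced and pointed at a real directory, e.g. report /usr.
if [ "${1:-}" = "--demo" ]; then
    R=$(make_fixture)
    report "$R"
    rm -rf "$R"
fi
```

On a real system the ownership check belongs alongside these: `find /etc /usr -type f ! -user root` lists system files that the administrator does not own, which the fixture cannot reproduce without root.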

Additional controls:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik
last update: January 2000