IT Baseline Protection Manual

S 4.20 Restrictive allocation of attributes for Unix user files and directories

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrator, IT users

The measures listed here apply to the files and directories of a user (including mail files).

Users should set the permissions of their files and directories so that other users cannot access them. Where other users do need access, appropriate user groups should be set up and access granted through the group permissions rather than through the permissions for everyone else ("other").

For user-specific configuration files such as .profile, .exrc, .login and .cshrc, only the respective owner should hold any rights (mode 600, i.e. -rw-------).

On Unix systems, many programs have user-specific configuration files, such as .exrc, .emacs or .mailrc, which are read automatically when the program is started and which set variables and options for the user. Only the respective owner should hold rights on these files: anyone who can write to such a file can plant commands in it (a Trojan horse) that are executed with the owner's privileges the next time the program is started.

The file .exrc is read before the editors ex or vi are started. Some Unix versions additionally evaluate a file of the same name in the current working directory, so a prepared .exrc placed in a shared or world-writable directory is executed by every user who starts the editor there. All Unix versions in use must be checked in this regard, since operating system commands can be executed each time the editor is started. In Vim, for example, an .exrc or .vimrc in the current directory is only read when the exrc option is set (it is off by default), and setting the secure option additionally disables shell and write commands in such files; the current values can be displayed with :set exrc? secure?.

The s-bit (set-user-id or set-group-id bit) should be set only when absolutely required. It should never be set on shell scripts; Linux, for example, ignores the setuid bit on interpreted scripts altogether, so a set bit on a script is at best useless and at worst a sign of tampering. The s-bit should only be set after consultation with the administrator, and the reason why it is needed must be given and documented.

umask:

With umask (user file creation mode mask) each user specifies which permission bits are to be removed from every file or directory the user creates: a new file starts from mode 666 and a new directory from mode 777, and the bits set in the mask are cleared. In the system-wide /etc/profile or in the user's own $HOME/.profile, umask 027 (new files -rw-r-----, new directories drwxr-x---) or umask 077 (-rw-------, drwx------) should be set, so that new files are accessible only to their creator (and, with 027, to the group). Note that the shell command is umask 027, with no equals sign, and that the mask only affects files created afterwards; the permissions of existing files must be corrected with chmod.
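As an added illustration that is not part of the BSI text, the following POSIX shell script creates a file and a directory under each of the two recommended masks (and, for contrast, the common default 022) and prints the resulting mode strings. The helper names and the use of ls and cut to read the mode are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the BSI text): show which modes new files and
# directories receive under a given umask. Uses only POSIX tools.
# A new file starts from 0666 and a new directory from 0777; the umask
# removes the bits it has set, so it can only ever take rights away.

# Print the symbolic mode (e.g. -rw-r-----) of a regular file created
# under umask $1. The subshell keeps the caller's own umask unchanged.
file_mode_with_umask() {
    d=$(mktemp -d) || return 1
    ( umask "$1" && : > "$d/f" ) || return 1
    ls -ld "$d/f" | cut -c1-10
    rm -rf "$d"
}

# Same for a directory, which keeps its x bits unless the mask clears them.
dir_mode_with_umask() {
    d=$(mktemp -d) || return 1
    ( umask "$1" && mkdir "$d/sub" ) || return 1
    ls -ld "$d/sub" | cut -c1-10
    rm -rf "$d"
}

# The two masks S 4.20 recommends and, for contrast, the common default 022.
for m in 027 077 022; do
    printf 'umask %s: new file %s, new directory %s\n' "$m" \
        "$(file_mode_with_umask "$m")" "$(dir_mode_with_umask "$m")"
done
```

The line to put in $HOME/.profile is simply umask 027 (or umask 077). Because the mask is inherited by the shell's child processes only, it should be verified by running umask in a fresh login shell rather than in the shell where the file was edited.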

Mail files

The permissions of mail files (the user's mailbox in the mail spool directory and any mail folders kept in the home directory) should be checked regularly to ensure that only the respective user can read or write them; the mailbox in the spool directory must also be owned by that user.
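The following script, added here and not part of the BSI measure, turns the checks of this section (files reachable by other users, user configuration files that are not owner-only, set-user-id or set-group-id files, and mail spool files with the wrong owner or mode) into a few POSIX shell functions and runs them against a constructed home directory and mail spool in a temporary location. The function names, the fixture contents and the user names alice and bob are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not taken from the BSI text: audit functions for the
# conditions S 4.20 describes, run against constructed fixtures.
# Assumes POSIX sh with find, ls, awk and chmod; all paths and users are
# made up for the example.

# Entries under $1 that are readable, writable or executable by "other".
world_accessible() {
    ( cd "$1" && find . -mindepth 1 \
        \( -perm -004 -o -perm -002 -o -perm -001 \) -print | LC_ALL=C sort )
}

# Dotfiles in $1 (.profile, .exrc, .cshrc, ...) that grant group or other
# any right at all. Whoever can write such a file can plant commands that
# run with the owner's privileges the next time the program starts.
shared_dotfiles() {
    ( cd "$1" && find . -mindepth 1 -maxdepth 1 -name '.*' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print | LC_ALL=C sort )
}

# Regular files under $1 with the setuid (4000) or setgid (2000) bit set.
s_bit_files() {
    ( cd "$1" && find . -type f \( -perm -4000 -o -perm -2000 \) -print \
        | LC_ALL=C sort )
}

# Remove every group/other right from the dotfiles in $1 (the S 4.20 rule).
restrict_dotfiles() {
    ( cd "$1" && find . -mindepth 1 -maxdepth 1 -name '.*' \
        -exec chmod go-rwx {} + )
}

# Mail spool files in $1 that are not mode 600 (-rw-------) or that are not
# owned by the user they are named after. The owner is column 3 of ls -l.
mail_spool_issues() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        mode=$(ls -ld "$f" | cut -c1-10)
        owner=$(ls -ld "$f" | awk '{print $3}')
        [ "$mode" = "-rw-------" ] || echo "$f: mode $mode, expected -rw-------"
        [ "$owner" = "${f##*/}" ] || echo "$f: owned by $owner, not ${f##*/}"
    done
}

# Constructed home directory mixing correct and incorrect settings.
make_home_fixture() {
    h=$(mktemp -d) || return 1
    : > "$h/.profile";  chmod 600  "$h/.profile"   # owner only: correct
    : > "$h/.exrc";     chmod 644  "$h/.exrc"      # readable by all: violates S 4.20
    : > "$h/.cshrc";    chmod 664  "$h/.cshrc"     # group-writable: Trojan horse risk
    mkdir "$h/private"; chmod 700  "$h/private"    # correct
    : > "$h/notes.txt"; chmod 644  "$h/notes.txt"  # world-readable
    : > "$h/run.sh";    chmod 4755 "$h/run.sh"     # setuid shell script: must not happen
    printf '%s\n' "$h"
}

# Constructed mail spool: one correct mailbox and two that fail the check.
# (The files are all owned by the current user, which is exactly the problem
# for the mailboxes named after other users.)
make_mail_fixture() {
    m=$(mktemp -d) || return 1
    me=$(id -un 2>/dev/null || id -u)
    : > "$m/$me";   chmod 600 "$m/$me"     # owned by us, mode 600: correct
    : > "$m/alice"; chmod 600 "$m/alice"   # mode fine, but not owned by alice
    : > "$m/bob";   chmod 644 "$m/bob"     # wrong owner and world-readable
    printf '%s\n' "$m"
}

hd=$(make_home_fixture)
sp=$(make_mail_fixture)
echo "accessible to other users:";  world_accessible "$hd"
echo "dotfiles not owner-only:";    shared_dotfiles "$hd"
echo "setuid/setgid files:";        s_bit_files "$hd"
echo "mail spool problems:";        mail_spool_issues "$sp"
restrict_dotfiles "$hd"
echo "dotfiles after chmod go-rwx:"; shared_dotfiles "$hd"   # now empty
rm -rf "$hd" "$sp"
```

On a real system the same functions are run with $HOME and the mail spool directory (commonly /var/mail or /var/spool/mail) as arguments. Some mail systems deliberately keep mailboxes at mode 660 with the group mail; where that is the case the mode test must be adjusted, but the ownership test stands.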

Additional controls:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik
Last update: January 2000