How will a server become vulnerable with chmod 777?
I often read articles saying something along the lines of
chmod 777 is bad!
I was wondering:
How do I become vulnerable when I execute chmod 777 on a file?
What is a real world example of this that I can reproduce?
Answer
It allows filesystem content to be viewed and/or modified by anyone: assuming the attacker already has general system access which is very common on shared hosting platforms .. some are more "hardened" than others from the start. Here is a small incomplete list of possible attack vectors:
- "your safe code" could be overwritten with "their malicious code" which runs within the same web-server context .. could steal passwords/trojan, expose DB, delete content, etc. That is, someone else's code can run under your security context.
- Content (e.g. "script source") can possibly be viewed outside of the web-server (or owner) context. Have a "secure" password to connect to the DB? Well, not anymore...
- If content was protected by permissions (e.g. web-server couldn't access before), the web-server might be able to access/list sensitive information... not good if you didn't mean to share it. Different web-server configurations will also treat "listings" differently, which can also expose more than is desired.
In the above I also assume "group" to include the web-server principal and that there is a web-server (and/or shared hosting) involved which can be used as a primary attack vector and/or security vulnerability. However, and I stress this again: the list above is not complete.
While not "guaranteed safety", using the most specific permissions can mitigate some vulnerabilities / exposure.