cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
Aasth
Quartz | Level 8 Aasth
Quartz | Level 8
Go to Solution

Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 10:53 AM (3167 views)

 We are seeing rapid 7 vulnerabilities on our sas servers for the following world writable files. Can the permissions of this files be changed without any impact to the services running?

 

* /sas/install/SASHome/Secure/sasexe/libccme_asym.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_base.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_base_non_fips.so (-rwxrwxrwx)

 

*/sas/install/SASHome/Secure/sasexe/libccme_ecc.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_ecc_accel_fips.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_ecc_accel_non_fips.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_ecc_non_fips.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_ecdrbg.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libccme_error_info.so (-rwxrwxrwx)

 

 * /sas/install/SASHome/Secure/sasexe/libcryptocme.so (-rwxrwxrwx)

* /sas/install/gms_install/gms8.0.1_install/Install.log (-rw-rw-rw-)

 

 * /sas/install/lsf/gms/log/gabd.log (-rw-rw-rw-)

 

 * /sas/install/lsf/gms/log/gabd.log.back (-rw-rw-rw-)

 

 * /sas/install/lsf/log/Install.log (-rw-rw-rw-)

 

 * /sas/install/lsf/log/res.log.nlr1sasdev1.abcbs.net (-rw-rw-rw-)

 

* /sas/install/pm/9.1/install/Install.log (-rw-rw-rw-)

 

 * /sas/install/pm_install/pm9.1.3.0_sas_pinstall/lsf9.1.3_lsfinstall/Install.err (-rw-rw-rw-)

 

 * /sas/install/pm_install/pm9.1.3.0_sas_pinstall/lsf9.1.3_lsfinstall/Install.log (-rw-rw-rw-)

 

 * /sas/install/pm_install/pm9.1.3.0_sas_pinstall/pm9.1.3.0_install/Install.err (-rw-rw-rw-)

 

 * /sas/install/pm_install/pm9.1.3.0_sas_pinstall/pm9.1.3.0_install/Install.log (-rw-rw-rw

 

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
doug_sas
SAS Employee doug_sas
SAS Employee

Re: Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 11:27 AM (3148 views)  |   In reply to Aasth

libccme_* files should have 555 since they are read-only shared libraries.


Logs can have 770.

View solution in original post

0 Likes
4 REPLIES 4
doug_sas
SAS Employee doug_sas
SAS Employee

Re: Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 10:59 AM (3162 views)  |   In reply to Aasth

The libccme_* libraries can have all write bits turned off.

 

Install logs generally only need the write bit set for the user (i.e., the SAS install user or in this case the LSF/PM installer).

 

The LSF/PM operational logs need to have the user write bit set for the user running the daemon. Sometimes that is root and other times it is the primary grid administrator.

0 Likes
Aasth
Quartz | Level 8 Aasth
Quartz | Level 8

Re: Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 11:24 AM (3151 views)  |   In reply to doug_sas

Thank you for the response. In that case is 770 safe bet for all the listed files?

0 Likes
doug_sas
SAS Employee doug_sas
SAS Employee

Re: Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 11:27 AM (3149 views)  |   In reply to Aasth

libccme_* files should have 555 since they are read-only shared libraries.


Logs can have 770.

0 Likes
Aasth
Quartz | Level 8 Aasth
Quartz | Level 8

Re: Rapid 7 Vulnerability for world writable files

Posted 08-13-2019 11:28 AM (3143 views)  |   In reply to doug_sas

Thank you!

0 Likes

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 4 replies
  • ‎08-13-2019 10:53 AM
  • 3168 views
  • 0 likes
  • 2 in conversation