New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2024 Audit - SEC-01-006 WP3: File Access via Insecure Permissions #7286

Open

zenmonkeykstop opened this issue Oct 29, 2024 · 0 comments

Labels

2024 audit recommendation server hardening

Contributor

zenmonkeykstop commented Oct 29, 2024

The server employs insecure values for operating system configuration files and
directories, which may compromise security settings. The identified permission issues
could permit unauthorized access to sensitive information, potentially resulting in system
compromise, data leakage, or unauthorized modifications

Most of the files in question contain no secrets and are publicly available on GitHub; we do plan on updating permissions for /var/lib/securedrop.

The text was updated successfully, but these errors were encountered:

zenmonkeykstop added 2024 audit recommendation server hardening labels

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment