File Permissions and Privilege Escalation

The document explains Linux file permissions, which control user access to files and directories, and their importance in preventing unauthorized access and protecting system integrity. It also covers privilege escalation, detailing types (vertical and horizontal), techniques (such as sudo and su), and common risks associated with misconfigurations. Best practices for maintaining security include using the least privilege principle, regular audits, and limiting sudo access.

Uploaded by fnketia628
FILE PERMISSIONS AND PRIVILEGE ESCALATION
UNDERSTANDING LINUX PERMISSIONS AND ESCALATION TECHNIQUES
WHAT ARE FILE PERMISSIONS?
File permissions in Linux are a set of rules that determine who can
access a file or directory and what actions they can perform on it.
These permissions are essential for controlling how users interact
with files and directories in a Linux system.

WHY ARE THEY IMPORTANT?
• Prevent unauthorized access
• Protect system and file integrity
UNDERSTANDING FILE PERMISSIONS
THREE PERMISSION TYPES
• READ (r) - Allows a user to view the contents of a file and list contents of a directory.
• WRITE (w) - Allows a user to modify the contents of a file and modify a directory.
• EXECUTE (x) - Allows a user to run the file as a program or script and traverse (access or enter) a directory.
THREE USER CLASSES
• OWNER - The user who owns the file or directory.
• GROUP - A collection of users who share the same permissions for the file or directory.
• OTHERS - Refers to all other users on the system who are not the owner or part of the group.
VIEWING FILE PERMISSIONS

• Command: ls -l
• Command output:
CHANGING PERMISSIONS WITH CHMOD
Command: chmod [options] permissions file
Permission Notation:
• Symbolic: u+rwx, g-r, o=x
• Octal: 755, 644
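
An added example, not part of the original slides: it applies the symbolic clauses shown above (u+rwx, g-r, o=x) to an octal mode and renders the result as the first column of ls -l would. The function names are assumptions, only r, w and x are handled, and an omitted class is treated as "all" (real chmod also consults the umask in that case).

```python
import stat

# Permission bits for each user class (owner, group, others).
BITS = {
    "u": {"r": stat.S_IRUSR, "w": stat.S_IWUSR, "x": stat.S_IXUSR},
    "g": {"r": stat.S_IRGRP, "w": stat.S_IWGRP, "x": stat.S_IXGRP},
    "o": {"r": stat.S_IROTH, "w": stat.S_IWOTH, "x": stat.S_IXOTH},
}


def apply_symbolic(mode, spec):
    """Return `mode` after applying a spec such as 'u+rwx,g-r,o=x'."""
    for clause in spec.split(","):
        op_at = next((i for i, c in enumerate(clause) if c in "+-="), None)
        if op_at is None:
            raise ValueError(f"no +, - or = in clause {clause!r}")
        who, op, perms = clause[:op_at], clause[op_at], clause[op_at + 1:]
        # Simplification: an empty class list or 'a' means all three classes.
        classes = "ugo" if who in ("", "a") else who
        if set(classes) - set("ugo") or set(perms) - set("rwx"):
            raise ValueError(f"unsupported clause {clause!r}")
        for cls in classes:
            wanted = 0
            for p in perms:
                wanted |= BITS[cls][p]
            every = BITS[cls]["r"] | BITS[cls]["w"] | BITS[cls]["x"]
            if op == "+":
                mode |= wanted
            elif op == "-":
                mode &= ~wanted
            else:  # '=' sets exactly these bits for the class
                mode = (mode & ~every) | wanted
    return mode


def ls_string(mode):
    """Render a regular file's mode the way the first column of `ls -l` does."""
    return stat.filemode(stat.S_IFREG | mode)


if __name__ == "__main__":
    start = 0o644  # constructed starting mode
    end = apply_symbolic(start, "u+rwx,g-r,o=x")
    print(f"{start:o} {ls_string(start)} -> {end:o} {ls_string(end)}")
```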
CHANGING OWNERSHIP WITH CHOWN
• Command: chown [options] user:group file
INTRODUCTION TO PRIVILEGE ESCALATION
WHAT IS PRIVILEGE ESCALATION?
Privilege escalation is the process of gaining higher-level access or permissions on a system than
what was originally intended or granted. This is often done to bypass security restrictions and gain
control over a system or access sensitive data.
TYPES OF PRIVILEGE ESCALATION?
Privilege escalation is broadly categorized into two types: Vertical and Horizontal.
• Vertical Privilege Escalation (User to Root): Vertical privilege escalation occurs when a user
gains higher-level privileges than they are supposed to have.
• Horizontal Privilege Escalation (User to Another User): Horizontal privilege escalation occurs
when a user gains access to another user’s account at the same privilege level.
PRIVILEGE ESCALATION VIA SUDO
WHAT IS SUDO?
Sudo allows commands to be executed as another user (usually root).
SOME MISCONFIGURATIONS:
• Overly permissive sudoers file
• Allowing dangerous files
EXAMPLE
sudo -l
PRIVILEGE ESCALATION VIA SU
WHAT IS SU?
su is used to switch to another account (root or another user account).
COMMANDS
• su - username (Switch to username).
• su - (Switch to root).
SUID/SGID BINARIES
SUID (Set User ID): When an executable file has the SUID bit set, it runs with the
permissions of the file owner instead of the user executing it.

SGID (Set Group ID): When an executable file has the SGID bit set, it runs with the
permissions of the file’s group instead of the group of the user executing it.
COMMON PRIVILEGE ESCALATION TECHNIQUES
• Weak File Permissions

• Unrestricted sudo access

• Kernel Exploits

• Service misconfigurations

• World writable directories

• SUID/SGID misconfigurations

• Exploiting cron jobs etc.


BEST PRACTICES FOR SECURITY
• Use least privilege principle.

• Regularly audit permissions.

• Limit sudo access.

• Monitor SUID/SGID binaries.

• Keep systems updated.
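
An added example, not part of the original slides: a small audit for the "regularly audit permissions" and "monitor SUID/SGID binaries" items above. It walks a tree and reports SUID/SGID files and world-writable files or directories without the sticky bit, minus an approved baseline; the function names, the baseline set and the scanned path are assumptions.

```python
import os
import stat


def classify(mode):
    """Return audit findings for one st_mode value (empty list: nothing to report)."""
    findings = []
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID:
            findings.append("suid")
        if mode & stat.S_ISGID:
            findings.append("sgid")
        if mode & stat.S_IWOTH:
            findings.append("world-writable-file")
    elif stat.S_ISDIR(mode):
        # A world-writable directory is only acceptable with the sticky bit
        # (as on /tmp), which stops users deleting each other's files.
        if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
            findings.append("world-writable-dir-no-sticky")
    return findings


def iter_paths(root):
    """Yield root and everything below it; os.walk does not follow symlinks."""
    yield root
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            yield os.path.join(dirpath, name)


def audit(root, baseline=frozenset()):
    """Map each path under `root` that is not in `baseline` to its findings."""
    report = {}
    for path in iter_paths(root):
        try:
            mode = os.lstat(path).st_mode  # lstat: judge the link, not its target
        except OSError:
            continue  # vanished or unreadable entry
        findings = classify(mode)
        if findings and path not in baseline:
            report[path] = findings
    return report


if __name__ == "__main__":
    # Hypothetical baseline of reviewed, expected SUID binaries (an assumption).
    approved = {"/usr/bin/passwd", "/usr/bin/sudo", "/usr/bin/su"}
    for path, findings in sorted(audit("/usr/bin", approved).items()):
        print(path, ",".join(findings))
```

Running it on a schedule and diffing the report against the previous run turns the baseline into a change detector for new SUID/SGID files.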


SUMMARY
File Permissions:

• Types: Read (r), Write (w), Execute (x).

• Commands: chmod, chown, etc.

Privilege Escalation:

• Techniques: sudo, su, SUID/SGID, Sticky Bits.

• Risks: Misconfigurations, weak passwords, vulnerable binaries.

Best Practices:

• Least privilege, regular audits, limit sudo access, update systems.


QUESTION TIME
