Insecure Write Permissions On Executable Files (Doc ID 2124970.1)

Last updated on SEPTEMBER 08, 2017

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version 11.1.1.2.0 and later
Information in this document applies to any platform.

Goal


Customers have detected insecure permissions in their ESSO environment. Services configured to use an executable with weak permissions are vulnerable to privilege escalation attacks. A non-privileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation.

The following questionable permissions were observed:


Path : c:\program files\common files\passlogix\notificationservice\notificationsvc.exe
Used by services : SSO Notification Service
File write allowed for groups : Users

Path : c:\program files\passlogix\v-go sso\sessionmanager\smregistryservice.exe
Used by services : SMRegistryService.exe
File write allowed for groups : Users

Path : c:\program files\passlogix\v-go sso\sessionmanager\ssosmservice.exe
Used by services : SSOSMService.exe
File write allowed for groups : Users

What are the ramifications of disabling write permissions on these executable files and only allowing read/execute?
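
A check of the kind that produces the findings listed above can be run with built-in PowerShell cmdlets. This is an added example, not part of the Oracle document or any Oracle tooling; the set of SIDs treated as low-privileged and the set of rights treated as "write" are assumptions to adjust per environment.

```powershell
# Added audit example (not Oracle's code): report services whose executable
# grants write-type rights to a broad, non-administrative group.

# Rights that allow replacing the file's contents or rewriting its ACL.
# Modify and FullControl include WriteData, so they match as well.
$writeRights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'

# Well-known SIDs of broad groups (assumption: extend with site-specific groups).
$lowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'Users'
    'S-1-5-4'      = 'Interactive'
}

function Get-ServiceExePath {
    param([string]$PathName)
    # Quoted form: "C:\dir with spaces\svc.exe" -arg
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    # Unquoted form: take everything up to the first ".exe"
    if ($PathName -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return $null
}

function Get-WeakWriteGroups {
    param([string]$Path)
    # Resolve ACEs to SIDs so the match does not depend on localized group names.
    # Deny ACEs are not evaluated here, so a hit means "review", not proof.
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -eq 'Allow' -and $lowPrivSids.ContainsKey($sid) -and
            ($rule.FileSystemRights -band $writeRights)) {
            $lowPrivSids[$sid]
        }
    }
}

Get-CimInstance -ClassName Win32_Service | ForEach-Object {
    $exe = Get-ServiceExePath $_.PathName
    if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
        $groups = @(Get-WeakWriteGroups $exe | Sort-Object -Unique)
        if ($groups.Count -gt 0) {
            [pscustomobject]@{ Path = $exe; Service = $_.DisplayName
                               RunsAs = $_.StartName; WriteAllowedTo = $groups -join ', ' }
        }
    }
}
```

Run it from an elevated session so that every service binary's ACL is readable; the `RunsAs` column shows which account a modified binary would execute under.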
 

Solution
