ABSTRACT
Many organizations have invested in a wide variety of security technologies and appliances to protect their business assets. This chapter discusses several operating system utilities that can aid the practitioner in managing permissions. Windows-based permissions are divided into two categories — file and directory. For the Linux-based operating systems, the file permissions of Read, Write, and Execute are applicable to both the file and directory structures. When the sticky bit is turned on for a directory, users can have read and/or write permissions for that directory; but they can only remove or rename files that they own. Security is often an afterthought in the actual application design, especially in the proprietary applications designed in-house. Auditing will help ensure that file and directory systems are adhering to the organization’s accepted standards. While an organization may perform regular internal audits, it is recommended to have the file and directory structure audited by an external company annually.
