A recent pen test activity pointed out an issue with insecure folder permissions within the Spectrum install hierarchy
search cancel

A recent pen test activity pointed out an issue with insecure folder permissions within the Spectrum install hierarchy

book

Article ID: 125434

calendar_today

Updated On:

Products

Spectrum

Issue/Introduction

A recent pen test activity pointed out an issue with insecure folder permissions within the Spectrum install hierarchy. They recommended to harden the permissions on these folders
 
d:\win32app\spectrum\mysql\bin
d:\win32app\spectrum\lib\sdpm
 
At the moment, Spectrum Users and Administrators have access which we would expect. Additional to that, the Everyone group has Read & Execute, List folder contents and Read.
 
Would it be possible to either remove the Everyone group from these folders or at least take away the Execute permission?
 

Resolution

This issue would be limited to Windows.

You can remove Everyone group if required.

As long as the spectrum owner and admins have rights.
Powered by Wolken Software