There are certain files whose presence in the FreeBSD file system can present a security risk and should be remedied as soon as possible.
When the SUID (set user ID) or SGID (set group ID) bits are set on an executable, that program executes with the UID or GID of owner of the file, as opposed to the user executing it. This means that all executables with SUID bit set and are owned by root are executed with the UID of root. This situation is a security risk and should be minimized unless the program is designed for this risk.
To find all files on your file system that have the SUID or SGID bit set, execute:
# find / -path /proc –prune –o –type f –perm +6000 -ls
It is a good practice to generate a list of SUID or SGID files on your server as soon as possible, and re-run the above command on a regular basis to ensure new binaries with unsafe permissions are not being added to your server.
World-writable files are a security risk as well. World-writable files and directories are dangerous since it allows anyone to modify, add or delete files.
To find all world-writable files and directories, execute:
# find / -path /proc –prune –o –perm -2 ! –type 1 –ls
Another file permission issue are files not owned by any user or group. While this is not technically a security vulnerability, an audited system should not contain any unowned files. This is to prevent the situation where a new user is assigned a previous user’s UID, so now the previous owner’s files, if any, are all owned by the new user.
To find all files that are not owned by any user or group, execute:
# find / -path /proc –prune –o –nouser –o –nogroup