A recent pen test activity pointed out an issue with insecure folder permissions within the Spectrum install hierarchy

Document ID : KB000125434
Last Modified Date : 29/01/2019
Show Technical Document Details
Issue:
A recent pen test activity pointed out an issue with insecure folder permissions within the Spectrum install hierarchy. They recommended to harden the permissions on these folders
 
d:\win32app\spectrum\mysql\bin
d:\win32app\spectrum\lib\sdpm
 
At the moment, Spectrum Users and Administrators have access which we would expect. Additional to that, the Everyone group has Read & Execute, List folder contents and Read.
 
Would it be possible to either remove the Everyone group from these folders or at least take away the Execute permission?
 
Resolution:
This issue would be limited to Windows.
You can remove Everyone group if required.
As long as the spectrum owner and admins have rights.