SWELF
SWELF copied to clipboard
Lock down install dir for SWELF
Lock down dir and splunk Dirs configs at file level.
This is a folder permissions issue. If not fixed could allow PrivEsec in OS. This needs to be done to all files and folders SWELF uses.
https://docs.microsoft.com/en-us/dotnet/api/system.io.directory.setaccesscontrol?view=netframework-4.8
https://docs.microsoft.com/en-us/dotnet/api/system.io.file.setaccesscontrol?view=netframework-4.8
https://docs.microsoft.com/en-us/dotnet/api/system.security.permissions.fileiopermission?view=netframework-4.8
since it can be run from any dir. I will give user the command line option to run that will take care of swelf currenlty running dir.