searching for 777 directories on a box

[Radio_Head]

[security] searching for 777 directories on a box

Anyone knows a fast way to list all the directories on a box which have chmod 777 ?

I am using

# ls -Rl | grep / | grep drwxrwxrwt

but it is not the best way ....(i receive also not useful results)

 

[dgbaker]

Try this

This finds Directories
find / \( -type d -a -perm -777 \) -print |more

This one finds files
find / -perm -2 ! -type l -ls |more

 

[howard]

nevermind dg posted before i did

 

[Radio_Head]

thank you!

 

[dgbaker]

Added more to the first post.

Also

find / -perm -2 ! -type l -ls

change the / to /home or /tmp etc......

 

[dgbaker]

Originally posted by howard
nevermind dg posted before i did

:D

 

[Radio_Head]

running...

find / \( -type d -a -perm -0777 -group root \) -print


i find all good places where an hacker could try to execute c code (fo example), am I right ?

If yes I found other 6 dir which could be vulnerable on my box ... over /tmp

 

[dgbaker]

Those 6 should have shown up though without include -group root, since they have 777 permission.

Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.

 

[Radio_Head]

Originally posted by dgbaker
Those 6 should have shown up though without include -group root, since they have 777 permission.

Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.

I want say ... on another post someone suggested that is a good idea nosuid nosexec /tmp .
But if the hacker could make damage on every 777 directory as you wrote , then there is no reason to nosuid nosexec /tmp ..

 

[Radio_Head]

up

cPanel.net Support Ticket Number: