searching for 777 directories on a box

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,048
1
343
[security] searching for 777 directories on a box

Anyone knows a fast way to list all the directories on a box which have chmod 777 ?

I am using

# ls -Rl | grep / | grep drwxrwxrwt

but it is not the best way ....(i receive also not useful results)
 
Last edited:

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,048
1
343
thank you!
 
Last edited:

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,048
1
343
running...

find / \( -type d -a -perm -0777 -group root \) -print


i find all good places where an hacker could try to execute c code (fo example), am I right ?

If yes I found other 6 dir which could be vulnerable on my box ... over /tmp :mad:
 
Last edited:

dgbaker

Well-Known Member
PartnerNOC
Sep 20, 2002
2,531
9
343
Toronto, Ontario Canada
cPanel Access Level
DataCenter Provider
Those 6 should have shown up though without include -group root, since they have 777 permission.

Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.
 

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,048
1
343
Originally posted by dgbaker
Those 6 should have shown up though without include -group root, since they have 777 permission.

Any file or directory that has permission 777 is a potential security issue, but sometimes 777 files and directories are required by programs.

The best thing is to note which are 777 and gain an understanding of why and then monitor regularily.
I want say ... on another post someone suggested that is a good idea nosuid nosexec /tmp .
But if the hacker could make damage on every 777 directory as you wrote , then there is no reason to nosuid nosexec /tmp ..
:confused:
 
Last edited:

Radio_Head

Well-Known Member
Verifed Vendor
Feb 15, 2002
2,048
1
343
up

cPanel.net Support Ticket Number: