LinuxQuestions.org
Old 10-11-2010, 07:27 AM   #1
pinga123
Member
 
Registered: Sep 2009
Posts: 684
Blog Entries: 2

Rep: Reputation: 36
How to find root owned world writable files?


Being a system administrator, I came across a statement: "Excluding temporary directories /tmp and /var/tmp, no root owned files should be in world writable directories"

While the above statement may look straightforward, how would I check if there are any such directories in the distribution?
 
Old 10-11-2010, 07:39 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974
Code:
find / -owner root -perm /o=w
should cover it, I think.
 
2 members found this post helpful.
Old 10-11-2010, 07:59 AM   #3
pinga123
Member
 
Registered: Sep 2009
Posts: 684
Blog Entries: 2

Original Poster
Rep: Reputation: 36
Quote:
Originally Posted by acid_kewpie View Post
Code:
find / -owner root -perm /o=w
should cover it, I think.
I think this will be more appropriate.

Correct me if I'm wrong.



Code:
# find / -type d -user root -perm /o=w
 
Old 10-11-2010, 08:21 AM   #4
angel115
Member
 
Registered: Jul 2005
Location: France / Ireland
Distribution: Debian mainly, and Ubuntu
Posts: 528

Rep: Reputation: 78
~~mistake~~

Last edited by angel115; 10-11-2010 at 08:26 AM.
 
Old 10-11-2010, 08:22 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974
Certainly it's -user, not -owner. Doh.
 
Old 10-11-2010, 08:39 AM   #6
GrapefruiTgirl
LQ Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 551
So, I'm still missing something here. Won't the solution(s) offered, identify root-owned other-writeable directories, but not check whether there's any root-owned files in there (and if there aren't, then the directory should be filtered out of the results, no?)?
 
Old 10-11-2010, 08:46 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974
Quote:
Originally Posted by GrapefruiTgirl View Post
So, I'm still missing something here. Won't the solution(s) offered, identify root-owned other-writeable directories, but not check whether there's any root-owned files in there (and if there aren't, then the directory should be filtered out of the results, no?)?
-d is short for "da files"
 
Old 10-11-2010, 08:53 AM   #8
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,251

Rep: Reputation: 2684
Well your query says root owned 'files' not directories so '-type d' would be incorrect.
I believe you would need to pipe find into a while loop and check if directory had the correct perms.

Something like:
Code:
while read -r test_file
do
    [[ $(stat -c%A "$test_file") =~ .w.$ ]] && echo "${test_file%/*}"
done< <(find -type f -user root)
Edit: Forgot to print the right thing ... oops

Last edited by grail; 10-11-2010 at 09:16 AM.
 
Old 10-11-2010, 09:00 AM   #9
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974
Quote:
Originally Posted by grail View Post
Well your query says root owned 'files' not directories so '-type d' would be incorrect.
I believe you would need to pipe find into a while loop and check if directory had the correct perms.

Something like:
Code:
while read -r test_file
do
    [[ $(stat -c%A "$test_file") =~ .w.$ ]] && echo "$test_file"
done< <(find -type f -user root)
Why do I keep misreading things? Yes, you would have a two stage thing here as find doesn't keep any context in terms of what files are in what directories. So you'd need to find the directories and then see if in that directory there are any files owned by root.
 
1 members found this post helpful.
Old 10-11-2010, 09:33 AM   #10
GrapefruiTgirl
LQ Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 551
Thanks grail & Chris - that clears things up!

grail, I had been working on something similar to what you've got there, but yours looks better.
 
Old 10-11-2010, 09:35 AM   #11
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,251

Rep: Reputation: 2684
thanks
 
Old 10-12-2010, 12:28 AM   #12
pinga123
Member
 
Registered: Sep 2009
Posts: 684
Blog Entries: 2

Original Poster
Rep: Reputation: 36
Quote:
Originally Posted by grail View Post
thanks
It seems I have thousands of files lying there.
Not sure whether what I did is correct. Here I am listing the things I did.

I have created a bash script named tempprogram.sh

Placed it under the / directory.

Executed it.

Content:
Code:
# cat testprogram.sh
#!/bin/bash

while read -r test_file
do
    [[ $(stat -c%A "$test_file") =~ .w.$ ]] && echo "${test_file%/*}"
done< <(find -type f -user root)
Output (only some part of the output is pasted as it's too much to post):
Code:
./proc/5834/task/5834/attr
./proc/5834/task/5834/attr
./proc/5834/task/5834/attr
./proc/5834/task/5834/attr
./proc/5834/task/5834/attr
./proc/5834/task/5855/attr
./proc/5834/task/5855/attr
./proc/5834/task/5855/attr
./proc/5834/task/5855/attr
./proc/5834/task/5855/attr
./proc/5834/attr
./proc/5834/attr
./proc/5834/attr
./proc/5834/attr
./proc/5834/attr
./proc/5999/task/5999/attr
./proc/5999/task/5999/attr
./proc/5999/task/5999/attr
./proc/5999/task/5999/attr
./proc/5999/task/5999/attr
./proc/5999/task/6007/attr
./proc/5999/task/6007/attr
./proc/5999/task/6007/attr
./proc/5999/task/6007/attr
./proc/5999/task/6007/attr
./proc/5999/task/6382/attr
./proc/5999/task/6382/attr
./proc/5999/task/6382/attr
./proc/5999/task/6382/attr
./proc/5999/task/6382/attr
./proc/5999/attr
./proc/5999/attr
./proc/5999/attr
./proc/5999/attr
./proc/5999/attr
./proc/6001/task/6001/attr
./proc/6001/task/6001/attr
./proc/6001/task/6001/attr
./proc/6001/task/6001/attr
./proc/6001/task/6001/attr
./proc/6001/attr
./proc/6001/attr
./proc/6001/attr
./proc/6001/attr
./proc/6001/attr
./proc/6028/task/6028/attr
./proc/6028/task/6028/attr
./proc/6028/task/6028/attr
Please guide me on next course of action.
 
Old 10-12-2010, 01:20 AM   #13
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,251

Rep: Reputation: 2684
Just noticed that we are also stating the file and not the directory ... my bad.
Change the following:
Code:
$(stat -c%A "$test_file")

# to

$(stat -c%A "${test_file%/*}")
Now we will be testing if the directory is writable and not the file
 
Old 10-12-2010, 02:21 AM   #14
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324
@pinga123: /proc is a window into the kernel; ignore that dir
 
Old 10-13-2010, 12:26 AM   #15
pinga123
Member
 
Registered: Sep 2009
Posts: 684
Blog Entries: 2

Original Poster
Rep: Reputation: 36
Please find the modified code, but even this seems to generate a lot of output entries; I guess they are in lakhs.
Please help.
Quote:
# cat testprogram.sh
#!/bin/bash

while read -r test_file
do
[[ $(stat -c%A "${test_file%/*}") ]] && echo "${test_file%/*}"
done< <(find -type f -user root)
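
The points raised across the thread (test the directory's mode rather than the file's, then look inside each such directory for root-owned entries, ignore /proc, and leave out /tmp and /var/tmp) combined into one two-stage find, as an added example that is not from any poster in the thread. The function name files_in_ww_dirs and its optional owner argument are made up for this example, and it assumes a find that supports -maxdepth, such as GNU find.

```shell
#!/bin/sh
# Added example, not code from the thread.
# files_in_ww_dirs START [OWNER]
#   Prints every non-directory entry owned by OWNER (default: root) that sits
#   directly inside a world-writable directory below START (default: /).
#   The function name and the OWNER argument are assumptions of this example.
files_in_ww_dirs() {
    start=${1:-/}
    owner=${2:-root}

    # Stage 1 (outer find): do not descend into /proc, /tmp or /var/tmp,
    # then select directories whose "other" write bit is set (-perm -0002
    # is the octal form of the thread's "-perm /o=w").
    # Stage 2 (inner find, run once per matching directory): list the
    # entries directly inside it that are owned by $owner. "! -type d"
    # also drops the directory itself, so only files, symlinks, sockets
    # and the like are reported.
    find "$start" \
        \( -path /proc -o -path /tmp -o -path /var/tmp \) -prune -o \
        -type d -perm -0002 \
        -exec find {} -maxdepth 1 ! -type d -user "$owner" -print \;
}

# Typical use, as root:
#   files_in_ww_dirs /
```

An empty result means no root-owned file was found in a world-writable directory outside the excluded paths; the -path exclusions match only when START is / or another absolute path above them.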
 
  

