Quote:
Originally Posted by orthograph
I'm pretty sure 501:501 = root:root and 0:0 = nobody:allaccount on my device.
|
It's the other way around: root has UID 0.
Quote:
Originally Posted by orthograph
But on someone else's device, I'm concerned that different numbers may be used for owners and owner groups.
|
It's a standardized product and these are std account names, so the root UID at least won't ever change.
Quote:
Originally Posted by orthograph
Is there a way I can modify the command to show the actual names of the owners and owner groups, instead of their codes?
|
Use lowercase, so replacing the part with "%u:%g" should do.
Quote:
Originally Posted by orthograph
Also, in the dirs I listed, is there a risk that someone may disclose sensitive information by uploading his perms.log for the dirs (to repeat them, the dirs are: /bin /lost+found /dev /etc /lib /home /mnt/web_page /proc /usr /sbin /sys /tmp /var).
|
That is a most excellent question. However, using 'find' in the way I posted it, it will be limited to mostly hardware device information, file names and obviously user names:
No:
/bin # std binaries
/lost+found # should not contain anything ever
/etc # std configuration files
/lib # std libraries
/sbin # std binaries
/proc # virtual file system contents show only process information (not traceable)
/sys # virtual file system contents reveal hardware device information (but not in a traceable way)
Maybe:
/mnt/web_page # maybe: dunno what the contents are
/usr # std binaries, libraries and other std contents. Maybe if users put stuff there they should not have
Yes:
/home # yes obviously
/dev # may reveal hardware device information including brand, type, serial and device labels ("pr0n", "my secret disk")
/tmp # may reveal file names if used as storage area
/var # std location for log files may reveal std process information but also file names if used as (temporary) storage area
Let's mitigate things the following way:
- change ownership recursively on /bin, /lost+found, /etc, /lib, /usr and /sbin, as root should own about anything anyway (and any wrong perms you'll get from the logs),
- change ownership on /sys, /proc and /dev as root should own about anything (and anything it doesn't will be recreated on reboot anyway),
- for each user name under /home change the second level directory name recursively to that user's name and group,
- which should effectively leave you with just 'find /mnt/web_page /tmp /var -printf "chown %U:%G \"%p\"\n";'...
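The mitigation listed above, written out as an added example that is not part of the original post: it emits blanket lines for the standard directories, one line per second-level directory under /home, and per-file lines only for /mnt/web_page, /tmp and /var. It assumes GNU find (for -printf) and that each directory under /home is owned by its user; the function name gen_perms_log and its ROOT argument are hypothetical.

```shell
#!/bin/sh
# Added example. gen_perms_log ROOT prints chown lines for a shareable perms.log.
# ROOT is "" on the device itself, or the prefix of a test tree.
# Note: file names containing double quotes or newlines would need extra escaping.
gen_perms_log() {
    root="$1"

    # Standard system directories: one recursive root:root line each,
    # so no individual file names end up in the log.
    for d in bin lost+found etc lib usr sbin; do
        if [ -e "$root/$d" ]; then
            printf 'chown -R root:root "%s"\n' "$root/$d"
        fi
    done

    # Virtual and device trees: top level only (the post does not say
    # "recursively" here), which keeps device labels out of the log.
    for d in sys proc dev; do
        if [ -e "$root/$d" ]; then
            printf 'chown root:root "%s"\n' "$root/$d"
        fi
    done

    # /home: one recursive line per second-level directory, using that
    # directory's own owner and group names (lowercase %u:%g).
    if [ -d "$root/home" ]; then
        find "$root/home" -mindepth 1 -maxdepth 1 -type d \
            -printf 'chown -R %u:%g "%p"\n'
    fi

    # Remaining directories: per-file lines, as in the final find command.
    for d in mnt/web_page tmp var; do
        if [ -e "$root/$d" ]; then
            find "$root/$d" -printf 'chown %u:%g "%p"\n'
        fi
    done
    return 0
}

# Usage on the device:  gen_perms_log "" > perms.log
```

Anything listed under /mnt/web_page, /tmp and /var still appears by file name, so that part of the log is worth reading through before uploading it.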