10-22-2010, 04:38 AM   #1
Need to remove Group write permission.

How would I write a command that can find all the objects under the etc directory that have group write permission enabled and have not been accessed in the last X days?

This is what I got from an internet source, but I'm not able to modify it according to my distribution.

find /etc -perm -0070 -a -mtime +X ! -type l ?print

Here is the exact statement from the link I'm referring to.
2.6 Group Write Permissions

By default many of the files and directories in the LINUX Operating System come with the group-write permission bit enabled, allowing the group members to write to the object, yet this functionality is rarely required. The group write bit should be removed from all operating system files or directories that do not explicitly require it to be enabled.

# Risks: Unintentional or Malicious alteration of critical OS files may leave the system vulnerable to exploitation impacting data confidentiality, integrity or availability.

# Compliance:

+ ISO 17799 Policy: 9.6.1
+ DISA STIG Section: 3.5

# Requirements:

A search of an atypical LINUX box using the find command can identify all files with world write permissions where the atime or mtime have not been updated since the operating system was installed. These files can have their group write permissions safely removed.

For example the following command can find all the objects under the root directory that have group write permission enabled and have not been accessed in the last X days:

find /etc -perm -0070 -a -mtime +X ! -type l ?print

Assuming X is the number of days since the OS was installed then the objects this command identifies can safely have the group write bit disabled.

Note the " ! -type l " is needed to eliminate sym links, since they always have perms 777; this will eliminate false positives.

I'm getting the following error.

# find /etc -perm -0070 -a -mtime 4 ! -type l ?print
find: paths must precede expression
Usage: find [-H] [-L] [-P] [path...] [expression]
10-22-2010, 04:44 AM   #2
Original Poster
I am able to get output if I remove ! -type.

Can anyone please help me find out what ! -type does?
10-22-2010, 04:59 AM   #3
find /etc -perm -0070 -a -mtime +4 ! -type l -print
The '!' simply negates your next statement, i.e. it searches for anything except links.

If you are not root you might have to prepend a sudo.

Last edited by crts; 10-22-2010 at 05:01 AM.
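
Added example (not part of the original thread): a small shell script that runs the search from this thread on a constructed temporary tree and shows what each predicate selects. It uses `-perm -0020`, which tests the group write bit alone, next to the thread's `-perm -0070`, which matches only when group read, write and execute are all set; `-mtime` tests modification time (`-atime` would test access time). The function names and the sample tree are made up for this example.

```shell
#!/bin/sh
# Added example: compare find(1) permission tests on a constructed tree.

# Non-symlink objects under $1 with the group write bit set,
# last modified more than $2 days ago.
list_group_writable() {
    find "$1" ! -type l -perm -0020 -mtime +"$2" -print
}

# Same search with the thread's mask: -0070 requires group r, w AND x.
list_group_rwx() {
    find "$1" ! -type l -perm -0070 -mtime +"$2" -print
}

# Clear only the group write bit on what list_group_writable reports.
remove_group_write() {
    find "$1" ! -type l -perm -0020 -mtime +"$2" -exec chmod g-w {} +
}

# Constructed sample tree (stands in for /etc); prints its path.
build_sample_tree() {
    t=$(mktemp -d) || return 1
    : > "$t/old_rw.conf";  chmod 0664 "$t/old_rw.conf"   # g=rw-, old
    : > "$t/old_rwx.sh";   chmod 0770 "$t/old_rwx.sh"    # g=rwx, old
    : > "$t/old_ro.conf";  chmod 0644 "$t/old_ro.conf"   # g=r--, old
    : > "$t/new_rw.conf";  chmod 0664 "$t/new_rw.conf"   # g=rw-, recent
    ln -s old_ro.conf "$t/link"                          # symlink, skipped
    touch -t 200001010000 "$t/old_rw.conf" "$t/old_rwx.sh" "$t/old_ro.conf"
    echo "$t"
}

# Demo: report, fix, report again. Only the temporary tree is touched.
tree=$(build_sample_tree)
echo "group-writable, unmodified for more than 4 days:"
list_group_writable "$tree" 4
echo "matched by -perm -0070:"
list_group_rwx "$tree" 4
remove_group_write "$tree" 4
echo "still group-writable after chmod g-w (expected: none):"
list_group_writable "$tree" 4
rm -rf "$tree"
```

On a real system, run `list_group_writable /etc X` as root and review the list before calling `remove_group_write`, since some objects may explicitly require group write.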