Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 05-30-2008, 06:08 AM   #1
Registered: Apr 2008
Posts: 108

Rep: Reputation: 15
Smile World Writeable System Files


As part of a security lockdown procedure, I need to account for many of the world writable system files on an installation.

These files in question here are:

srw-rw-rw- 1 root root 0 May 29 06:41 /etc/httpd/run/acpid.socket

srwxrwxrwx 1 root root 0 May 29 06:42 /etc/httpd/run/dbus/system_bus_socket

srwxrwxrwx 1 htt htt 0 May 29 06:42 /etc/httpd/run/iiim/.iiimp-unix/9010

srwxrwxrwx 1 canna canna 0 May 29 06:42 /etc/httpd/run/.iroha_unix/IROHA

Need these be of concern if httpd is not running? On the Web, I seem to be able to find only obscure references to irona, iiim, etc.

Thank you for any help,
Old 05-30-2008, 06:40 AM   #2
Senior Member
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
You're OK - acpid.socket allows any app to gather ACPI events, and system_bus_socket allows apps to talk to each other over the system bus - both of these should be available to all users.

If you're not running httpd, then there's most likely nothing listening on the other two sockets. You can check with:
netstat -pan | egrep 'iiimp|IROHA'

Old 05-30-2008, 07:10 AM   #3
Registered: Apr 2008
Posts: 108

Original Poster
Rep: Reputation: 15
Typed command netstat -pan | egrep 'iiimp|IROHA' and results are below:

unix 2 [ ACC ] STREAM LISTENING 8667 4463/htt_server /va r/run/iiim/.iiimp-unix/9010

unix 2 [ ACC ] STREAM LISTENING 8662 4475/cannaserver /va r/run/.iroha_unix/IROHA

Based on the above what are your first thoughts?

If I'm not using Apache webserver was considering uninstalling the Apache in hopes of removing the httpd directory therefore removing the world writable system "files". I'm very new to LINUX and wondered if removing Apache "httpd -k uninstall" if it will cleanly remove the httpd directory and respective files and result in no damaging reprocutins? Can I just place the files in a directory only accessed by root thereby general users can not access the files (IROHA, 9010, system_bus_socket, acpid.socket)
Old 05-30-2008, 07:37 AM   #4
Registered: May 2001
Posts: 29,353
Blog Entries: 55

Rep: Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541
IIIM appears to be the "Internet/Intranet Input Method" server which Canna ties in to. if you don't write need Kanji etc input methods you could first try to remove iiim/canna and related packages.
Old 05-30-2008, 04:09 PM   #5
Registered: May 2008
Posts: 101

Rep: Reputation: 15
iiimp and IROHA are not needed by Apache/Httpd, so removing Apache will not affect these in any way. I have Apache running without iiimp and IROHA. I guess they are rather related to canna or something else.

Linux Archive

Last edited by seraphim172; 06-25-2008 at 04:45 AM.
Old 05-30-2008, 06:58 PM   #6
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 8,205
Blog Entries: 4

Rep: Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762Reputation: 2762
Notice the leading "s" in that directory-listing: this means that the entry is a socket.

Now... what's a socket? Well, it's a program-to-program communication port. It's possible for sockets to be denoted by these file-like entries in a directory, but they're not files. The "rwxrwxrwx" does not mean that it's really "a world-writeable file."

You'll also see an "l" (ell) in the first column... once again, a "symbolic link," not a file.
Old 06-02-2008, 05:58 AM   #7
Registered: Apr 2008
Posts: 108

Original Poster
Rep: Reputation: 15
Great if this is a symbolic link then I will not change the permissions since the focus is on world-writeable file in the /etc directory.

Take care,


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
World Writable Files ilago Linux - Security 4 10-06-2007 11:21 PM
LXer: Qemu a Virtualization System for Open Source World LXer Syndicated Linux News 0 06-27-2006 05:54 PM
converting Knoppix into writeable system abrand888 Linux - Distributions 6 05-20-2005 09:28 AM
world writeable files will not stay world writeable antken Mandriva 1 03-02-2004 05:04 PM
What if making /var/mail world-writeable? J_Szucs Linux - Security 4 08-18-2002 09:33 AM

All times are GMT -5. The time now is 12:47 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration