Tuesday, September 4, 2018

How to identify world-writable files in a Unix / Linux system

World-writable files are those that every user of the system can write to.  In Unix / Linux systems only a few files and directories are world-writable, and each for a specific purpose.  /tmp and /var/tmp are world-writable directories, and the sticky bit is set on them.  Any directory that is world-writable should have the sticky bit set as well; a world-writable directory without the sticky bit is a cause for alarm.  World-writable files pose even more risk when they are also executable by all, because those are scripted disasters waiting to happen.

Here is a command to list files that are world-writable.

# find /  -perm -002  ! -type l  ! \( -type d -and -perm -1000 \)  -exec ls -ld {} \;  2>/dev/null

Symbolic links should be excluded from this list, since their permission bits are ignored.  We achieved this using   ! -type l

Directories that have sticky bit set should be excluded from this list.  We got this done using   ! \( -type d -and -perm -1000 \)

If you are not familiar with the find command, do check its manual page.  As for the options I have used in the above command, here is what the manual says about them:

       -perm mode
              File's permission bits are exactly mode (octal or symbolic).

       -perm -mode
              All of the permission bits mode are set for the file.  Symbolic modes are accepted in this form, and this is usually the way in which you would want to use them.
       -type l      symbolic link

       -type d      directory

       -exec command ;
              Execute command; true if 0 status is returned.  All following arguments to find are taken to be arguments to the command until an argument consisting of ; is encountered.  The string {} is replaced by the current file name being processed everywhere it occurs in the arguments to the command, not just in arguments where it is alone, as in some versions of find.  Both of these constructions might need to be escaped (with a \) or quoted to protect them from expansion by the shell.


Carefully examine each world-writable file and directory that is found to decide whether it is actually necessary for the functionality of the system.  Correct the permissions of every file and directory that does not need to be world-writable.
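As an added example (not part of the original post), the find expression above wrapped in shell functions, with a second function for the alarm condition (a world-writable directory without the sticky bit) and a third for the riskiest case (world-writable and world-executable files), run against a constructed sample tree whose file names and modes are invented for the demo.

```sh
#!/bin/sh
# Added example (not from the original post): the post's find expression as
# reusable functions, exercised on a constructed sample tree.
# -perm -002 matches anything with the "other write" bit (same as -perm -o+w).

# World-writable files and directories under $1, excluding symbolic links
# (their mode bits are ignored) and directories that have the sticky bit.
world_writable() {
    find "$1" -perm -002 ! -type l ! \( -type d -perm -1000 \) 2>/dev/null
}

# The alarm condition from the post: world-writable directories without the sticky bit.
unsticky_dirs() {
    find "$1" -type d -perm -002 ! -perm -1000 2>/dev/null
}

# World-writable regular files that are also executable by everyone.
world_writable_executables() {
    find "$1" -type f -perm -003 2>/dev/null
}

# Build a throwaway tree with constructed names and modes; prints its path.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/ok_tmp" "$root/bad_dir" "$root/private"
    chmod 1777 "$root/ok_tmp"                            # like /tmp: sticky bit set, fine
    chmod 0777 "$root/bad_dir"                           # world-writable, no sticky bit
    chmod 0755 "$root/private"
    : > "$root/notes.txt";  chmod 0666 "$root/notes.txt" # world-writable, not executable
    : > "$root/run.sh";     chmod 0777 "$root/run.sh"    # world-writable and executable
    : > "$root/safe.conf";  chmod 0644 "$root/safe.conf"
    ln -s "$root/safe.conf" "$root/link"                 # symlink: must not be reported
    echo "$root"
}

# Demo run: list findings the way the post does (ls -ld per path), then clean up.
demo_root=$(make_sample_tree)
echo "== world-writable, excluding symlinks and sticky directories =="
world_writable "$demo_root" | while read -r p; do ls -ld "$p"; done
echo "== world-writable directories missing the sticky bit =="
unsticky_dirs "$demo_root"
echo "== world-writable and world-executable files =="
world_writable_executables "$demo_root"
rm -rf "$demo_root"
```

Point the functions at / instead of the sample tree to audit a real system; the symlink and sticky-directory exclusions behave the same way there.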
