For audit and security reasons, you may need to find files with specific permissions on a Linux server. The Linux find command can do this with its -perm test.
- The following command finds files that are writable by group or other (or both) and have the SUID (set-user-ID) bit set.
# find / -perm /022 -and -perm -4000 -exec ls -ldb {} \;
  How the two -perm tests read:
  - / (in /022): the logic is OR, so a file matches if the group bit, the other bit, or both are set
  - 0: no owner permission is specified
  - 2: group permission is writable
  - 2: other is writable
  - - (in -4000): all listed bits must be set; 4 is the SUID bit
- You can use the following command to list files that are other-writable and have the sticky bit set.
# find / -perm -002 -and -perm -1000 -exec ls -ldb {} \;
- Use the following command to list files that are other-writable, excluding those with the sticky bit set.
# find / -perm -002 -not -perm -1000 -exec ls -ldb {} \;
- The following command lists files that are writable by both group and other and have the SGID (set-group-ID) bit set.
# find / -perm -2022 -exec ls -ldb {} \;
- The find command to list files that are writable by both group and other and have the SUID bit set.
# find / -perm -4022 -exec ls -ldb {} \;
- Command to list files that are other-writable and have the sticky bit set.
# find / -perm -1002 -exec ls -ldb {} \;
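To see how the /mode (any bit) and -mode (all bits) forms above differ before scanning a whole filesystem, the following added example (not part of the original article) builds a scratch directory of files with constructed modes and runs the same -perm tests against it. It assumes GNU find; the function names make_fixture, matches and demo are made up for this illustration.

```sh
#!/bin/sh
# Added example: run the article's -perm tests against a scratch tree of
# constructed modes instead of /. Assumes GNU find (needed for -perm /mode).

# Create files (fMODE) and directories (dMODE) named after their mode,
# then print the path of the scratch tree.
make_fixture() {
    dir=$(mktemp -d) || return 1
    for m in 4755 4775 4757 4777 0777 2777; do
        : > "$dir/f$m" && chmod "$m" "$dir/f$m"
    done
    for m in 1777 0777; do
        mkdir "$dir/d$m" && chmod "$m" "$dir/d$m"
    done
    echo "$dir"
}

# matches ROOT TEST...: names under ROOT that satisfy the find tests,
# sorted and joined with spaces. ROOT itself is mode 0700 and never matches.
matches() {
    root=$1; shift
    find "$root" "$@" -exec basename {} \; | LC_ALL=C sort | paste -sd ' ' -
}

demo() {
    t=$(make_fixture) || return 1
    echo "SUID, group OR other writable : $(matches "$t" -perm /022 -and -perm -4000)"
    echo "SUID, group AND other writable: $(matches "$t" -perm -4022)"
    echo "SGID, group AND other writable: $(matches "$t" -perm -2022)"
    echo "other writable, sticky set    : $(matches "$t" -perm -1002)"
    echo "other writable, no sticky     : $(matches "$t" -perm -002 -not -perm -1000)"
    rm -rf "$t"
}

demo
```

The first two lines of output show the practical difference: /022 also reports SUID files where only one of group or other is writable, while -4022 reports only those where both are.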