SBDavid
May 23rd, 2012
May 23rd, 2012
How to verify that all World-Writable Directories Have Proper Ownership
How to verify that all World-Writable Directories Have Proper Ownership
Locate any directories in local partitions which are world-writable and ensure that they are owned by root or another system account.
The following command will discover and print these (assuming only system accounts have a uid lower than 500). Run it once for each local partition PART:
# find PART -xdev -type d -perm -0002 -uid +500 -print
If this command produces any output, investigate why the current owner is not root or another system account.
Allowing a user account to own a world-writable directory is undesirable because it allows the owner of that directory to remove or replace any files that may be placed in the directory by other users.
