
How to Verify That All World-Writable Directories Have Proper Ownership

Locate any directories in local partitions which are world-writable and ensure that they are owned by root or another system account.

The following command will discover and print these (assuming only system accounts have a uid lower than 500). Run it once for each local partition, substituting the partition's mount point for PART:

# find PART -xdev -type d -perm -0002 -uid +500 -print

If this command produces any output, investigate why the current owner is not root or another system account.

Allowing a user account to own a world-writable directory is undesirable because it allows the owner of that directory to remove or replace any files that may be placed in the directory by other users.

Locate world-writable files and directories

To locate world-writable files and directories, you can use the following command:

find / -path /proc -prune -o -perm -2 ! -type l -ls

World-writable files are a security risk since they allow anyone to modify them. Additionally, world-writable directories allow anyone to add or delete files.

The "! -type l" parameter skips all symbolic links, since symbolic links are always world-writable. This is not a problem as long as the target of the link is not world-writable, and the target itself is checked by the above find command because it is visited as an ordinary file or directory.

World-writable directories with the sticky bit set, such as the /tmp directory, do not allow anyone except the owner of a file to delete, rename or modify that file within the directory. The sticky bit makes files "stick" to the user who created them and prevents other users from deleting or renaming them. Therefore, depending on the purpose of the directory, world-writable directories with the sticky bit set are usually not an issue. An example is the /tmp directory:

~$ ls -ld /tmp

drwxrwxrwt 8 root root 4096 Oct 26 05:19 /tmp
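The checks from the two commands above, combined into one audit script as an added example (not from the original post): it reports world-writable directories owned by a non-system uid, world-writable regular files, and world-writable directories that lack the sticky bit, while leaving sticky directories like /tmp alone. The function names, the ROOT argument and the uid threshold default of 500 are this example's own choices; adjust the threshold for distributions that start user uids at 1000.

```shell
#!/bin/sh
# Added example, not part of the original post. Audits one local tree for
# world-writable entries and prints one finding per line as "<KIND> <path>":
#   USER_OWNED_WW_DIR  world-writable directory owned by a uid above THRESHOLD
#                      (a normal user rather than a system account)
#   WW_FILE            world-writable regular file (symlinks are skipped, they
#                      are always 0777; their targets are checked on their own)
#   WW_DIR_NO_STICKY   world-writable directory without the sticky bit, so any
#                      user may delete or rename other users' files in it
# Sticky world-writable directories such as /tmp are intentionally not listed.

tag_lines() {
    # Prefix every line read from stdin with the finding kind given as $1
    while IFS= read -r path; do
        printf '%s %s\n' "$1" "$path"
    done
}

# audit_world_writable ROOT [THRESHOLD]
# -xdev keeps each run on the partition ROOT lives on, as in the post.
audit_world_writable() {
    root=$1
    threshold=${2:-500}
    find "$root" -xdev -type d -perm -0002 -uid "+$threshold" -print \
        | tag_lines USER_OWNED_WW_DIR
    find "$root" -xdev -type f -perm -0002 -print \
        | tag_lines WW_FILE
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print \
        | tag_lines WW_DIR_NO_STICKY
}

# count_findings ROOT KIND [THRESHOLD]: number of findings of one kind,
# e.g. count_findings /var WW_FILE
count_findings() {
    audit_world_writable "$1" "${3:-500}" | grep -c "^$2 " || true
}
```

Run `audit_world_writable /` once per local partition and investigate every line; a non-empty USER_OWNED_WW_DIR list is the condition the first post tells you to look into.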

From the find man page:

-type c
    File is of type c:

    l    symbolic link; this is never true if the -L option or the -follow option is in effect, unless the symbolic link is broken. If you want to search for symbolic links when -L is in effect, use -xtype.