How to verify that all World-Writable Directories Have Proper Ownership
Locate any directories in local partitions which are world-writable and ensure that they are owned by root or another system account.
The following command discovers and prints such directories (it assumes that only system accounts have a UID lower than 500; note that -uid +500 matches UIDs strictly greater than 500). Run it once for each local partition, substituting its mount point for PART:
# find PART -xdev -type d -perm -0002 -uid +500 -print
If this command produces any output, investigate why the current owner is not root or another system account.
Allowing a user account to own a world-writable directory is undesirable because it lets the owner of that directory remove or replace any files that other users place in it.
How to find world/group-writable files and directories
Finding world-writable and group-writable files and directories
# find / -type f \( -perm -2 -o -perm -20 \) -exec ls -lg {} \;
# find / -type d \( -perm -2 -o -perm -20 \) -exec ls -lg {} \;
This produces a very long listing of every file and directory that has the write bit set for its group or for everyone. Review the permissions and remove world-write access wherever it is not required by running /bin/chmod on the affected files.
To remove the permission, execute:
# /bin/chmod o-w [file-name]
Locate world-writable files and directories
To locate world-writable files and directories, you can use the following command:
find / -path /proc -prune -o -perm -2 ! -type l -ls
World-writable files are a security risk because anyone can modify them. World-writable directories additionally allow anyone to add or delete files in them.
The "! -type l" parameter skips symbolic links, since the mode of a symbolic link itself is always world-writable. This is not a problem as long as the target of the link is not world-writable, and the target itself is checked by the find command above.
World-writable directories with the sticky bit set, such as /tmp, allow only the owner of a file to delete or rename it in that directory. The sticky bit ties files to the user who created them and prevents other users from deleting or renaming them. Therefore, depending on the purpose of the directory, world-writable directories with the sticky bit set are usually not an issue. An example is the /tmp directory:
~$ ls -ld /tmp
drwxrwxrwt 8 root root 4096 Oct 26 05:19 /tmp
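The checks described above (world-writable directories owned by a non-system account, world-writable directories missing the sticky bit, world-writable regular files with symbolic links skipped, and the chmod o-w remediation) can be combined into one audit script. The following POSIX shell script is an added example, not part of the original guide. It assumes GNU find (for -xdev and -uid) and a system/user UID boundary of 1000 by default, which is an assumption; the guide uses 500, and the boundary can be overridden with the UID_MIN environment variable. Remediation is a dry run unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example: audit a local partition for world-writable paths.
# Assumes GNU find. UID_MIN defaults to 1000 here (an assumption; the guide
# uses 500). Override with: UID_MIN=500 sh ww_audit.sh /
set -u

UID_MIN="${UID_MIN:-1000}"

# World-writable directories without the sticky bit: any user can delete or
# rename files that other users placed there.
ww_dirs_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# World-writable directories (sticky or not) owned by a UID >= UID_MIN,
# i.e. by a regular user rather than root or another system account.
# -uid +N matches UIDs strictly greater than N, hence the UID_MIN - 1.
ww_dirs_user_owned() {
    if [ "$UID_MIN" -gt 0 ]; then
        find "$1" -xdev -type d -perm -0002 -uid +"$((UID_MIN - 1))" -print 2>/dev/null
    else
        find "$1" -xdev -type d -perm -0002 -print 2>/dev/null
    fi
}

# World-writable regular files. Symbolic links are excluded by -type f; their
# own mode is always lrwxrwxrwx and their targets are checked in their own right.
ww_files() {
    find "$1" -xdev -type f -perm -0002 -print 2>/dev/null
}

# Print a report for one partition mount point.
audit_tree() {
    root="$1"
    echo "== world-writable directories without sticky bit under $root =="
    ww_dirs_no_sticky "$root"
    echo "== world-writable directories owned by uid >= $UID_MIN under $root =="
    ww_dirs_user_owned "$root"
    echo "== world-writable regular files under $root =="
    ww_files "$root"
}

# Remediation: strip the other-write bit from each path read on stdin.
# Dry run by default; APPLY=1 actually runs chmod o-w.
remove_other_write() {
    while IFS= read -r path; do
        if [ "${APPLY:-0}" = "1" ]; then
            chmod o-w "$path"
        else
            echo "would run: chmod o-w $path"
        fi
    done
}

# Usage: sh ww_audit.sh /mountpoint
#        ww_files / | APPLY=1 sh -c '. ./ww_audit.sh; remove_other_write'
if [ "${1:-}" != "" ]; then
    audit_tree "$1"
fi
```

Run the audit once per local partition, as the guide says; -xdev keeps find from crossing into /proc or network mounts. Review the dry-run output before setting APPLY=1, since some world-writable paths (sticky /tmp-style directories, named sockets, application spool files) are intentional.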
From the find man page:
-type c
    File is of type c:
    l    symbolic link; this is never true if the -L option or the -follow option is in effect, unless the symbolic link is broken. If you want to search for symbolic links when -L is in effect, use -xtype.