You have already used the find command to search any file in the file system hierarchy. You can also use the find command to list files with desired file permissions in the file system. For example, if the system administrator wants to list all files for which the SUID bit is set in the /usr/bin directory, the following command is useful. Here I have shown only partial output, as the actual output is quite long.
# find /usr/bin -perm -u+s -exec ll {} \; -r-sr-xr-x 5 root bin 49152 Apr 9 1998 /usr/bin/chfn -r-sr-xr-x 1 root bin 49152 Nov 6 1997 /usr/bin/chkey -r-sr-xr-x 5 root bin 49152 Apr 9 1998 /usr/bin/chsh -r-sr-xr-x 1 root bin 53248 Apr 9 1998 /usr/bin/ct -r-sr-xr-x 1 root bin 40960 Apr 9 1998 /usr/bin/cu -r-sr-xr-x 1 root bin 73728 Feb 2 1998 /usr/bin/df -r-sr-xr-x 1 root bin 49152 Nov 7 1997 /usr/bin/login -r-sr-xr-x 1 root bin 45056 Jun 15 1998 /usr/bin/lp -r-sr-xr-x 1 root bin 40960 Oct 27 1997 /usr/bin/lpalt -r-sr-sr-x 2 root mail 45056 Nov 7 1997 /usr/bin/mail #
This output shows that whenever someone uses one of the above commands, he or she will become the superuser during the execution time of the command. You can also use a similar command to check your files in your home directory to find out if some security hole exists due to any mistake in granting permissions. The following command lists all files for which SETUID is set, and anybody from group or others also has write permission to that file.
$ find / -perm -u+s,g+w,o+w
Top |