7.7 Finding Files Having a Particular Set of File Permissions

You have already used the find command to search any file in the file system hierarchy. You can also use the find command to list files with desired file permissions in the file system. For example, if the system administrator wants to list all files for which the SUID bit is set in the /usr/bin directory, the following command is useful. Here I have shown only partial output, as the actual output is quite long.

 #  find /usr/bin -perm -u+s -exec ll {} \;  -r-sr-xr-x   5 root  bin  49152 Apr  9  1998 /usr/bin/chfn -r-sr-xr-x   1 root  bin  49152 Nov  6  1997 /usr/bin/chkey -r-sr-xr-x   5 root  bin  49152 Apr  9  1998 /usr/bin/chsh -r-sr-xr-x   1 root  bin  53248 Apr  9  1998 /usr/bin/ct -r-sr-xr-x   1 root  bin  40960 Apr  9  1998 /usr/bin/cu -r-sr-xr-x   1 root  bin  73728 Feb  2  1998 /usr/bin/df -r-sr-xr-x   1 root  bin  49152 Nov  7  1997 /usr/bin/login -r-sr-xr-x   1 root  bin  45056 Jun 15  1998 /usr/bin/lp -r-sr-xr-x   1 root  bin  40960 Oct 27  1997 /usr/bin/lpalt -r-sr-sr-x   2 root  mail 45056 Nov  7  1997 /usr/bin/mail # 

This output shows that whenever someone uses one of the above commands, he or she will become the superuser during the execution time of the command. You can also use a similar command to check your files in your home directory to find out if some security hole exists due to any mistake in granting permissions. The following command lists all files for which SETUID is set, and anybody from group or others also has write permission to that file.

 $  find / -perm -u+s,g+w,o+w