Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to find root owned world writable files?
Top Forums UNIX for Dummies Questions & Answers How to find root owned world writable files? Post 302461461 by vbe on Monday 11th of October 2010 08:26:43 AM
Old 10-11-2010
But if methyl asked you to be more exact and complete, it certainly not to make a fool of you..As first thing I believe all posters should mention on what architecture they are...
For instance if you let everybody use /var/tmp or /tmp on an HP-UX, you may one day regret... As many root processes write there... and if full...
So I believe more methyl is trying to help you avoid possible issues by missunderstanding...
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Perl CGI to access / edit "root" owned config files

I am trying to write a CGI program which accesses UNIX configuration files and changes them as required. The thing is, I don't want the CGI program to be "root" owned - it's Perl based! Is there any way that the Perl CGI program can request a username and password - and then use this to... (1 Reply)
Discussion started by: WIntellect
1 Replies

2. AIX

How to find world writable files? (AIX)

Hi Group, Could someone tell me how to find world writable files on my server? I can use find command in conjuction with -perm option and I will get an output. But what I need is an output which looks similar to ls -l output. Meaning, it should give me the full path of the file along with the... (1 Reply)
Discussion started by: matifr
1 Replies

3. UNIX for Dummies Questions & Answers

How do i find out the list of users whose terminal is writable?

Hello, i just wanted to know how do i find out the list of users whose terminal is writable?i mean i used who -T but this gives a list of all users whose terminal is writable or blocked and not writable. So how do i do this?I am new to Unix. (2 Replies)
Discussion started by: salman4u
2 Replies

4. UNIX for Dummies Questions & Answers

user able to delete directory owned by root

I've tried to figure this out. I'm only about 6 mos into my AIX admin duties, but I've got a "security" problem I can't figure out. I've created a sub directory as follows: drwx------ 2 root system 256 Apr 13 16:02 mike I've logged in another session with the following user: $ id... (2 Replies)
Discussion started by: mpheine
2 Replies

5. UNIX for Dummies Questions & Answers

find directories owned by a given user

Hi, I want to know if the is a way I can list the directories owned by a given user. Say i am logged in as that user. I found out the find command lists the files owned by a certain user/group but i want to know only the directories and if possible the permissions associated with these... (6 Replies)
Discussion started by: poojabhat
6 Replies

6. AIX

AIX 5.x OpenSSH choot and non-root owned

Good day. I was looking at implementing a chroot environment using openssh. I know I can use the sshd_config file and dictate that it is to use chroot for a specific directory for a user/group. However, the issue with this is that it is has to be root owned. To my knowledge, there is no mount... (0 Replies)
Discussion started by: smurphy_it
0 Replies

7. AIX

find command to list all the 777 files and directories owned by root user

Hi I'm logged in to an AIX box now and we need to do an audit on this box. cbssapr01:# pwd / Which command will show all the files and directories owned by root user with permissions as 777 ? (8 Replies)
Discussion started by: newtoaixos
8 Replies

8. UNIX for Dummies Questions & Answers

Read authorization for everybody on sub-directory owned by root

Hello. On my family laptop, I have a directory named /local. It is owned by root. I want to create a sub-directory named documents ( /local/documents ). I want to exclude exec for every body in that directory I want every authenticated linux user can create a sub directory ( ie :... (7 Replies)
Discussion started by: jcdole
7 Replies

9. Shell Programming and Scripting

World writable home dirs

what is wrong with this script? I get: ./perm.sh: command substitution: line 21: unexpected EOF while looking for matching `"' ./perm.sh: command substitution: line 22: syntax error: unexpected end of file Script: #!/bin/bash for dir in `/bin/cat /etc/passwd | /bin/egrep -v... (4 Replies)
Discussion started by: greenja9
4 Replies

10. Ubuntu

Create zip file from root owned fstab

I want to zip up my fstab file for backup purposes. This does not work because of permission issues. cd /etc/ zip -u fstab.zip fstab Can I use this with zip? echo xxx | sudo -S or change fstab owner to me? (3 Replies)
Discussion started by: drew77
3 Replies

LEARN ABOUT FREEBSD

rmuser

RMUSER(8)						    BSD System Manager's Manual 						 RMUSER(8)

NAME

     rmuser -- remove users from the system

SYNOPSIS

     rmuser [-yv] [-f file] [username ...]

DESCRIPTION

     The rmuser utility removes one or more users submitted on the command line or from a file.  In removing a user from the system, this utility:

     1.   Removes the user's crontab(1) entry (if any).

     2.   Removes any at(1) jobs belonging to the user.

     3.   Sends a SIGKILL signal to all processes owned by the user.

     4.   Removes the user from the system's local password file.

     5.   Removes the user's home directory (if it is owned by the user), including handling of symbolic links in the path to the actual home
	  directory.

     6.   Removes the incoming mail and POP daemon mail files belonging to the user from /var/mail.

     7.   Removes all files owned by the user from /tmp, /var/tmp, and /var/tmp/vi.recover.

     8.   Removes the username from all groups to which it belongs in /etc/group.  (If a group becomes empty and the group name is the same as the
	  username, the group is removed; this complements adduser(8)'s per-user unique groups.)

     9.   Removes all message queues, shared memory segments and semaphores owned by the user.

     The rmuser utility refuses to remove users whose UID is 0 (typically root), since certain actions (namely, killing all the user's processes,
     and perhaps removing the user's home directory) would cause damage to a running system.  If it is necessary to remove a user whose UID is 0,
     see vipw(8) for information on directly editing the password file.

     If rmuser was not invoked with the -y option, it will show the selected user's password file entry and ask for confirmation that the user be
     removed.  It will then ask for confirmation to delete the user's home directory.  If the answer is in the affirmative, the home directory and
     any files and subdirectories under it will be deleted only if they are owned by the user.	See pw(8) for more details.

     As rmuser operates, it informs the user regarding the current activity.  If any errors occur, they are posted to standard error and, if it is
     possible for rmuser to continue, it will.

     The options are as follows:

     -f file   The rmuser utility will get a list of users to be removed from file, which will contain one user per line.  Anything following a
	       hash mark ('#'), including the hash mark itself, is considered a comment and will not be processed.  If the file is owned by anyone
	       other than a user with UID 0, or is writable by anyone other than the owner, rmuser will refuse to continue.

     -y        Implicitly answer ``yes'' to any and all prompts.  Currently, this includes prompts on whether to remove the specified user and
	       whether to remove the home directory.  This option requires that either the -f option be used, or one or more user names be given
	       as command line arguments.

     -v        Enable verbose mode.  Normally, the output includes one line per removed user; however, with this option rmuser will be much more
	       chatty about the steps taken.

     username  Identifies one or more users to be removed; if not present, rmuser interactively asks for one or more users to be removed.

FILES

     /etc/master.passwd
     /etc/passwd
     /etc/group
     /etc/spwd.db
     /etc/pwd.db

SEE ALSO

     at(1), chpass(1), crontab(1), finger(1), passwd(1), group(5), passwd(5), adduser(8), pw(8), pwd_mkdb(8), vipw(8)

HISTORY

     The rmuser utility appeared in FreeBSD 2.2.

BUGS

     The rmuser utility does not comprehensively search the file system for all files owned by the removed user and remove them; to do so on a
     system of any size is prohibitively slow and I/O intensive.  It is also unable to remove symbolic links that were created by the user in /tmp
     or /var/tmp, as symbolic links on 4.4BSD file systems do not contain information as to who created them.  Also, there may be other files cre-
     ated in /var/mail other than /var/mail/username and /var/mail/.pop.username that are not owned by the removed user but should be removed.

     The rmuser utility has no knowledge of YP/NIS, and it operates only on the local password file.

BSD
								   May 10, 2002 							       BSD
All times are GMT -4. The time now is 09:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy