How to Find World-Writable Files in Linux?

August 14, 2014 / General Discussion

In Linux, a file “world writable” is a file that everyone can write. These files used as sensitive by people who did not aim at the base to write data to the system or out of a given directory.

The world-writable files are more dangerous. When they run by anyone on the system, as they can then make a script. Today, we will see how easily we can locate these files on a Linux system through the command “Find” which is available on most of Linux systems.

Using the Find command:

To find the world-writable files on a Linux system, just use the following command:

| find / -type f! -path "/ proc / *" -prune -perm o + w exec ls {} -lg /; 2> / dev / null

Then we will back all world writable system files and display their rights, their owner and their full path:

For those who wish to understand the command:

Find command search files in a directory for the fact that we specify here as the root “/”

  1. “-type” specifies the type of object you are looking for. “F” for file and “d” for directory
  2. ” ! path “/ proc / *” -prune “to exclude the” / proc ” which always takes a lot of profit
  3. “perm” used to search given permission, here ‘o + w” or “2” that is the octal value of the license “w” written for “other” users
  4. “- exec ‘to execute a command
  5. ” -lg ls {} ” will list the files in a list format (” l “) without displaying the owner – (” g “) from the root
  6. ” 2> / dev / null ” used to redirect errors to a null file

For those who quickly grasped the principle of command and options used, it is entirely possible to use it to find the files “world readable” files/folders according to specific rights or rules of other folders.