Discussion:
question
jasond2015@att.net [sed-users]
2016-01-18 22:46:08 UTC
Permalink
Hello Sed users,


I have a question on how to find world writable files. If I type in the following, I'm not completely getting all of the world writible system files.



sed -i '/find \/selinux -type f -perm +0002 -exec chmod o-w {} \\;/d' /etc/rc.local

sed -i '/find \/ -perm -2 -a \\( -type d -o -type f \\) -exec ls -ld {} \\;/d' /etc/rc.local


is there something else I can add to make sure all the world writable files are found?











[Non-text portions of this message have been removed]
Sven Guckes maillists-yahoo@guckes.net [sed-users]
2016-01-19 00:26:29 UTC
Permalink
Post by ***@att.net [sed-users]
I have a question on how to find world writable files.
is there something else I can add to make
sure all the world writable files are found?
i like the really short notation of the zsh:

zsh> ls -l **/*(.W)

pattern description
** recurse into subdirectories
* all objects (use D for GLOB_DOTS)
. file
W world writable

see also: "man zsh" - "Glob Operators".

ps: sure - you can do this with "find" and other tools, too.

Sven

---------------------------------------------------------------------
Sven's Overview to zsh qualifiers / directories . plain files
* 0100 executable plain files @ symbolic links = sockets
r 0400 owner-readable files p named pipes (FIFOs)
w 0200 owner-writable files
x 0100 owner-executable files % device files (character or block special)
A 0040 group-reAdable files %b block special files
I 0020 group-wrItable files %c character special files
E 0010 group-exEcutable files
R 0004 world-Readable files s 04000 setuid files
W 0002 world-Writable files S 02000 setgid files
X 0001 world-Executable files t 01000 files with the sticky bit
---------------------------------------------------------------------
a few zsh aliases using globbing:
alias cdn='cd *(/om[1])'
alias dusck='du -sck *(.Lm+1) | sort -n'
alias lsd='ls -adCF *(/)'
alias lldn='ls -ld *(/om[1])'
alias lsf='ls --color -adCF *(.)'
JASON DIMAGIBA jasond2015@att.net [sed-users]
2016-01-19 01:12:38 UTC
Permalink
thanks for responding...pretty cool -I'm using bash not zsh though...apparently that won't work on my shell:
bash: syntax error near unexpected toke
Post by ***@att.net [sed-users]
I have a question on how to find world writable files.
is there something else I can add to make
sure all the world writable files are found?
i like the really short notation of the zsh:


zsh> ls -l **/*(.W)


pattern description
** recurse into subdirectories
* all objects (use D for GLOB_DOTS)
. file
W world writable


see also: "man zsh" - "Glob Operators".


ps: sure - you can do this with "find" and other tools, too.


Sven


----------------------------------------------------------
Sven's Overview to zsh qualifiers / directories . plain files
* 0100 executable plain files @ symbolic links = sockets
r 0400 owner-readable files p named pipes (FIFOs)
w 0200 owner-writable files
x 0100 owner-executable files % device files (character or block special)
A 0040 group-reAdable files %b block special files
I 0020 group-wrItable files %c character special files
E 0010 group-exEcutable files
R 0004 world-Readable files s 04000 setuid files
W 0002 world-Writable files S 02000 setgid files
X 0001 world-Executable files t 01000 files with the sticky bit
----------------------------------------------------------
a few zsh aliases using globbing:
alias cdn='cd *(/om[1])'
alias dusck='du -sck *(.Lm+1) | sort -n'
alias lsd='ls -adCF *(/)'
alias lldn='ls -ld *(/om[1])'
alias lsf='ls --color -adCF *(.)'
#yiv7838030360 #yiv7838030360 -- #yiv7838030360ygrp-mkp {border:1px solid #d8d8d8;font-family:Arial;margin:10px 0;padding:0 10px;}#yiv7838030360 #yiv7838030360ygrp-mkp hr {border:1px solid #d8d8d8;}#yiv7838030360 #yiv7838030360ygrp-mkp #yiv7838030360hd {color:#628c2a;font-size:85%;font-weight:700;line-height:122%;margin:10px 0;}#yiv7838030360 #yiv7838030360ygrp-mkp #yiv7838030360ads {margin-bottom:10px;}#yiv7838030360 #yiv7838030360ygrp-mkp .yiv7838030360ad {padding:0 0;}#yiv7838030360 #yiv7838030360ygrp-mkp .yiv7838030360ad p {margin:0;}#yiv7838030360 #yiv7838030360ygrp-mkp .yiv7838030360ad a {color:#0000ff;text-decoration:none;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ygrp-lc {font-family:Arial;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ygrp-lc #yiv7838030360hd {margin:10px 0px;font-weight:700;font-size:78%;line-height:122%;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ygrp-lc .yiv7838030360ad {margin-bottom:10px;padding:0 0;}#yiv7838030360 #yiv7838030360actions {font-family:Verdana;font-size:11px;padding:10px 0;}#yiv7838030360 #yiv7838030360activity {background-color:#e0ecee;float:left;font-family:Verdana;font-size:10px;padding:10px;}#yiv7838030360 #yiv7838030360activity span {font-weight:700;}#yiv7838030360 #yiv7838030360activity span:first-child {text-transform:uppercase;}#yiv7838030360 #yiv7838030360activity span a {color:#5085b6;text-decoration:none;}#yiv7838030360 #yiv7838030360activity span span {color:#ff7900;}#yiv7838030360 #yiv7838030360activity span .yiv7838030360underline {text-decoration:underline;}#yiv7838030360 .yiv7838030360attach {clear:both;display:table;font-family:Arial;font-size:12px;padding:10px 0;width:400px;}#yiv7838030360 .yiv7838030360attach div a {text-decoration:none;}#yiv7838030360 .yiv7838030360attach img {border:none;padding-right:5px;}#yiv7838030360 .yiv7838030360attach label {display:block;margin-bottom:5px;}#yiv7838030360 .yiv7838030360attach label a {text-decoration:none;}#yiv7838030360 blockquote {margin:0 0 0 4px;}#yiv7838030360 .yiv7838030360bold {font-family:Arial;font-size:13px;font-weight:700;}#yiv7838030360 .yiv7838030360bold a {text-decoration:none;}#yiv7838030360 dd.yiv7838030360last p a {font-family:Verdana;font-weight:700;}#yiv7838030360 dd.yiv7838030360last p span {margin-right:10px;font-family:Verdana;font-weight:700;}#yiv7838030360 dd.yiv7838030360last p span.yiv7838030360yshortcuts {margin-right:0;}#yiv7838030360 div.yiv7838030360attach-table div div a {text-decoration:none;}#yiv7838030360 div.yiv7838030360attach-table {width:400px;}#yiv7838030360 div.yiv7838030360file-title a, #yiv7838030360 div.yiv7838030360file-title a:active, #yiv7838030360 div.yiv7838030360file-title a:hover, #yiv7838030360 div.yiv7838030360file-title a:visited {text-decoration:none;}#yiv7838030360 div.yiv7838030360photo-title a, #yiv7838030360 div.yiv7838030360photo-title a:active, #yiv7838030360 div.yiv7838030360photo-title a:hover, #yiv7838030360 div.yiv7838030360photo-title a:visited {text-decoration:none;}#yiv7838030360 div#yiv7838030360ygrp-mlmsg #yiv7838030360ygrp-msg p a span.yiv7838030360yshortcuts {font-family:Verdana;font-size:10px;font-weight:normal;}#yiv7838030360 .yiv7838030360green {color:#628c2a;}#yiv7838030360 .yiv7838030360MsoNormal {margin:0 0 0 0;}#yiv7838030360 o {font-size:0;}#yiv7838030360 #yiv7838030360photos div {float:left;width:72px;}#yiv7838030360 #yiv7838030360photos div div {border:1px solid #666666;height:62px;overflow:hidden;width:62px;}#yiv7838030360 #yiv7838030360photos div label {color:#666666;font-size:10px;overflow:hidden;text-align:center;white-space:nowrap;width:64px;}#yiv7838030360 #yiv7838030360reco-category {font-size:77%;}#yiv7838030360 #yiv7838030360reco-desc {font-size:77%;}#yiv7838030360 .yiv7838030360replbq {margin:4px;}#yiv7838030360 #yiv7838030360ygrp-actbar div a:first-child {margin-right:2px;padding-right:5px;}#yiv7838030360 #yiv7838030360ygrp-mlmsg {font-size:13px;font-family:Arial, helvetica, clean, sans-serif;}#yiv7838030360 #yiv7838030360ygrp-mlmsg table {font-size:inherit;font:100%;}#yiv7838030360 #yiv7838030360ygrp-mlmsg select, #yiv7838030360 input, #yiv7838030360 textarea {font:99% Arial, Helvetica, clean, sans-serif;}#yiv7838030360 #yiv7838030360ygrp-mlmsg pre, #yiv7838030360 code {font:115% monospace;}#yiv7838030360 #yiv7838030360ygrp-mlmsg * {line-height:1.22em;}#yiv7838030360 #yiv7838030360ygrp-mlmsg #yiv7838030360logo {padding-bottom:10px;}#yiv7838030360 #yiv7838030360ygrp-msg p a {font-family:Verdana;}#yiv7838030360 #yiv7838030360ygrp-msg p#yiv7838030360attach-count span {color:#1E66AE;font-weight:700;}#yiv7838030360 #yiv7838030360ygrp-reco #yiv7838030360reco-head {color:#ff7900;font-weight:700;}#yiv7838030360 #yiv7838030360ygrp-reco {margin-bottom:20px;padding:0px;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ov li a {font-size:130%;text-decoration:none;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ov li {font-size:77%;list-style-type:square;padding:6px 0;}#yiv7838030360 #yiv7838030360ygrp-sponsor #yiv7838030360ov ul {margin:0;padding:0 0 0 8px;}#yiv7838030360 #yiv7838030360ygrp-text {font-family:Georgia;}#yiv7838030360 #yiv7838030360ygrp-text p {margin:0 0 1em 0;}#yiv7838030360 #yiv7838030360ygrp-text tt {font-size:120%;}#yiv7838030360 #yiv7838030360ygrp-vital ul li:last-child {border-right:none !important;}#yiv7838030360





[Non-text portions of this message have been removed]
Sven Guckes maillists-yahoo@guckes.net [sed-users]
2016-01-19 01:58:29 UTC
Permalink
Post by ***@att.net [sed-users]
I have a question on how to find world writable files.
is there something else I can add to make
sure all the world writable files are found?
zsh> ls -l **/*(.W)
thanks for responding...pretty cool -
[but] I'm using bash not zsh though.
bash: syntax error near unexpected toke
for bash set the option "globstar":
$ shopt -s globstar
$ ls -l **/*

see also:
$ man bash
/Pattern Matching

hmm.. not sure whether bash has any
globbing qualifiers like zsh, though.

not quite sure what your goal was.
but it was about removing the world-writable
permisison for all file under "/selinux"?

zsh> chmod o-w $(ls /selinux/**/*(.W))

yes, the expanded list might be too long.
so using "find" for that is quite okay.

but why would you use "sed" here?
please describe your goal, too!

ps: please delete any unneccesarily
cited text before posting - thankyou.

Sven
Daniel Goldman dgoldman@ehdp.com [sed-users]
2016-01-19 02:44:02 UTC
Permalink
Not clear what you are trying to do. If you would more clearly explain
your goal, with an example someone could replicate, it would help.

You say "I'm not completely getting all of the world writible system
files". Well, what are you getting? Again, an example would help.

sed -i '/pattern/d' /etc/rc.local is going to delete matching lines from
/etc/rc.local file. Is that really what you want? I don't think so. In
any case, it's not going to delete any lines, because the pattern is not
going to match.

I would suggest one runs "find" to find world-writable files. sed is
very powerful and useful, but I don't see what it has to do with this
particular exercise. Maybe I'm missing something?

Daniel

======================================= original post

I have a question on how to find world writable files.

sed -i '/find \/selinux -type f -perm +0002 -exec chmod o-w {} \\;/d'
/etc/rc.local

sed -i '/find \/ -perm -2 -a \\( -type d -o -type f \\) -exec ls -ld {}
\\;/d' /etc/rc.local

is there something else I can add to make sure all the world writable
files are found?
sharma__r@hotmail.com [sed-users]
2016-01-19 06:25:48 UTC
Permalink
What is the "sed"(a text editor) invocation doing in there :-/ Since you are interested in finding world-writable directories then "find" can do that for you very simply, like as,



find . -type d -perm -2


or,


find . -type d -perm /o+w


[Non-text portions of this message have been removed]
Cameron Simpson cs@zip.com.au [sed-users]
2016-01-25 19:29:34 UTC
Permalink
Post by JASON DIMAGIBA ***@att.net [sed-users]
Post by Sven Guckes maillists-***@guckes.net [sed-users]
zsh> ls -l **/*(.W)
bash: syntax error near unexpected toke
Nothing prevents yu writing a small script:

#!/bin/zsh
ls -l **/*(.W)

and using it. Bash is not the world you know, and your interactive shell does
not restrict what you can use.

Cheers,
Cameron Simpson <***@zip.com.au>

Loading...