File System Checks


Examples using the find tool

Check file permissions: Most files should be -rw-r-----, most dirs drwxr-x---

Check for files or dirs that are world readable

find . -perm /o+r
find . -perm /004

Check for files or dirs that are not world readable

find . ! -perm -o+r
find . ! -perm -004
find . ! -perm -o+r -exec chmod go+r {} \;

Check for files or dirs that are world writeable

find . -perm /o+w
find . -perm /002
find . -perm /002 -exec ls -ld {} \;
find . -perm /002 -exec chmod o-w {} \;
find . -perm /022 -exec chmod go-w {} \;
find . -perm /002 ! -type l

Check for files that have the x bit set

find . -type f -perm /111
find . -type f -perm /111 ! -name '*.cgi' -exec chmod a-x {} \;
find . -type f -perm /111 -exec setexecutablepermssion.sh {} \;

See below for the content of setexecutablepermssion.sh.

Check for dirs with the r or x bit not set for user or group (ignore other)

find . -type d ! -perm -550
find . -type d ! -perm -550 -exec chmod ug+rx {} \;
find . -type d ! -perm -555 -exec chmod a+rx {} \;

Check for files or dirs that are group writeable, without the group s-bit set

find . -perm /020 ! -perm /2000
find . -perm /020 ! -perm /2000 -exec ls -ld {} \;

Check for executable files with an s-bit set

find . -type f -perm /111 -perm /6000
find /bin /sbin /usr -type f -perm /111 -perm /6000
find /bin /sbin /usr -type f -perm /111 -perm /4000 -user root -exec ls -l {} \;
find /bin /sbin /usr -type f -perm /111 -perm /2000 -group root -exec ls -l {} \;

Check for files with settings other than -rw-r-----

find . -type f ! -perm 640

Check for files with settings other than -rw-r--r--

find . -type f ! -perm 644

Check for files with settings other than -rw-rwSr--

find . -type f ! -perm 2664

Check for files with settings other than -rwSrwSr--

find . -type f ! -perm 6664

Check for dirs with settings other than drwxr-x---

find . -type d ! -perm 750

Check for dirs with settings other than drwxr-xr-x

find . -type d ! -perm 755

Check for dirs with settings other than drwxrwsr-x

find . -type d ! -perm 2775

Check for owner other than freek

find . ! -user freek
find . ! -user freek -exec ls -ld {} \;

Check for owner other than shares

find . ! -user shares

Check for files without known user

find . -nouser
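
The read-only checks above can be combined into a single report to review before running any of the chmod variants. This is an added example, not part of the original page: the function names audit_tree and make_sample_tree, the category labels and the sample tree are constructed for illustration, and it assumes GNU find with the -perm /MODE syntax.

```shell
#!/bin/sh
# Added example: read-only audit built from the find checks on this page.
# Assumes GNU find ("-perm /MODE" = any of these bits set). Nothing is changed.

# audit_tree DIR: print one "category<TAB>path" line per finding.
audit_tree() {
    dir=$1
    tab=$(printf '\t')
    # World-writable entries; symlinks are skipped, as in "! -type l" above.
    find "$dir" -perm /002 ! -type l | sed "s|^|world-writable${tab}|"
    # Executable regular files with a setuid or setgid bit.
    find "$dir" -type f -perm /111 -perm /6000 | sed "s|^|setid-executable${tab}|"
    # Group-writable entries without the setgid bit (symlinks skipped here too).
    find "$dir" -perm /020 ! -perm /2000 ! -type l |
        sed "s|^|group-writable-no-setgid${tab}|"
    # Directories where user or group lacks r or x.
    find "$dir" -type d ! -perm -550 | sed "s|^|dir-missing-rx${tab}|"
}

# make_sample_tree: build a constructed sample tree and print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    chmod 750 "$t"
    : > "$t/notes.txt";  chmod 640  "$t/notes.txt"   # baseline: no finding
    : > "$t/upload.log"; chmod 666  "$t/upload.log"  # world- and group-writable
    : > "$t/helper";     chmod 4755 "$t/helper"      # setuid executable
    mkdir "$t/shared";   chmod 2775 "$t/shared"      # setgid group dir: no finding
    mkdir "$t/private";  chmod 700  "$t/private"     # group lacks r-x
    printf '%s\n' "$t"
}

# Demo run on the constructed tree, removed again afterwards.
demo=$(make_sample_tree) && audit_tree "$demo" && rm -rf "$demo"
```

The output can be filtered per category, for example with grep '^world-writable', and only the paths that are confirmed as wrong passed on to chmod.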

setexecutablepermssion.sh

#!/bin/sh
# Removes the executable bit from files that 'file' does not report as executable.
if [ -z "$1" ]; then
    echo "usage: find . -type f -perm /111 -exec $0 {} \;"
    echo "Checks if file is executable, and if not, removes executable bit"
    echo "Depends on the 'file' program"
    exit 1
fi
# usage: find . -type f -perm /111 -exec $0 {} \;
# Strip the "name: " prefix so only the description printed by 'file' is matched.
if file "$1" | sed "s/.*: //" | grep executable > /dev/null 2>&1; then
    echo "$1 is executable"
else
    echo "$1 is just a regular file; remove executable bit"
    chmod a-x "$1"
fi