Find weak file permissions on a shared drive

There are two reasons you want to find weak file permissions on a drive shared with other users:

  1. You want to protect your files from other users.
  2. You want to prank other users by modifying their files

Find the files

The find command is the start. With this command, you can search every file and select or eliminate files you do not want.

  • The option -perm is how you will find the permissions you want.
  • The option -not will negate the results, which can be useful if you modify the script.

Permission Groups

  • u = user
  • g = group
  • a = everyone

File Permissions

  • r = readable
  • w = writeable
  • x = executable

-perm options

  • -perm mode = exact permission bits
  • -perm -mode = all permission bits
  • -perm +mode = any permission bits #1
  • -perm /mode = any permission bits #2

The mode is a combination of the Permission Groups and File Permissions. Normally written in octal format, using letters is easier to understand.

  1. Find files readable for everyone
    • find /path -perm /a+r
  2. Find files writable for everyone
    • find /path -perm /a+w
  3. Find files writable and readable for everyone
    • find /path -perm /a+r -perm /a+w
    • find /path -perm -600

You should not care about files that are executablle.

Pranks to Play

The best pranks that do not harm another user is to change their .alias or .bashrc file.

Modifying the .alias file will change some of their common commands just slightly. For example, adding this to .alias will really confuse them when they run their ls command.

alias ls='echo "Learn Permissions"; ls'

Modifying the .bashrc file will run each time they open their terminal. This one will likely stick around longer because they will see it only once a day. Here is something you can add to .bashrc file.

echo "Learn Permissions";

Sources

Advertisements
This entry was posted in How-To, Linux and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s