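#!/bin/bash
# Script to locate world writable files.
#
# The find command ignores /proc files, /dev files
# (hundreds of these are correctly world writable),
# symbolic (soft) links (which should have mode 777),
# directories with the sticky (save text) bit on, and
# sockets, as that is relatively safe.  Note that
# /dev should be cleaned out so that this script can
# look there too.
#
# Usage: find-world-writable [ -r ]
#   (no option)  list every world-writable path found
#   -r           interactive: for each path, offer to remove it or to
#                clear its world-write bit
#
# Review notes:
#   * Names of files that live in world-writable locations are chosen by
#     whoever created them, so they may contain blanks, newlines or glob
#     characters.  The results are therefore passed NUL-delimited and
#     every expansion is quoted; an unquoted word list would make the
#     prompt (and the rm/chmod behind it) act on a different path than
#     the one find reported.
#   * A path can change between the scan and the operator's answer.  The
#     symlink re-check in prompt() narrows that window but does not close
#     it; review the `ls -ld` line before answering.
#   * Non-sticky world-writable directories are reported too; `rm` without
#     -r will refuse them, which is left as-is on purpose.
#
# Written 2003 by Wayne Pollock, Tampa Florida USA.
# Updated to support interactive mode, 5/2004.
# $Id: find-world-writable,v 1.2 2004/05/06 21:38:28 wpollock Exp $

# find /home -type f -perm +0002 -exec chmod o-w '{}' \;

#######################################
# Show one path and, in interactive mode, ask what to do with it.
# Globals:   MODE (read) - "interactive" or "list"
# Arguments: $1 - path reported by find
# Outputs:   `ls -ld` line and the prompt on stdout
# Input:     one answer line from stdin (the operator's terminal)
#######################################
prompt() {
  local target=$1
  local ans=

  ls -ld -- "$target"

  if [[ "$MODE" != "interactive" ]]; then
    return
  fi

  printf '%s' 'r to remove, c to "chmod o-w", else skip: '
  # -r keeps backslashes literal; EOF leaves ans empty, which means "skip".
  read -r ans

  case "$ans" in
    r | c)
      # find excluded symlinks at scan time; if the path is one now it was
      # swapped afterwards, and chmod would follow it to another file.
      if [[ -L "$target" ]]; then
        printf 'skipping %s: it is now a symbolic link\n' "$target" >&2
        return
      fi
      ;;
  esac

  if [[ "$ans" == "r" ]]; then
    /bin/rm -- "$target"
  elif [[ "$ans" == "c" ]]; then
    /bin/chmod o-w -- "$target"
  fi
}

case "${1-}" in
  -r)
    MODE=interactive
    ;;
  "")
    MODE=list
    ;;
  *)
    echo "Usage: ${0##*/} [ -r ]"
    echo -n "the -r option allows interactive removal"
    echo " or mode changing of the files"
    exit 1
    ;;
esac

# The scan feeds the loop on descriptor 3 so that stdin stays attached to
# the operator's terminal for the answers read inside prompt().
while IFS= read -r -d '' file <&3; do
  prompt "$file"
done 3< <(/usr/bin/find / -path '/proc' -prune \
  -o -path '/dev' -prune \
  -o -perm -2 ! -type l ! -type s \
  ! \( -type d -perm -1000 \) -print0)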