Overview
You may need to find files with specific permissions on a Linux server for audit and security reasons. You can use the Linux find command to do this.
Solution
The following command finds files that are writable by group, by other, or by both, and that also have the SUID bit set.
# find / -perm /022 -and -perm -4000 -exec ls -ldb {} \;
How the two -perm tests break down:
  /022   the leading / means the logic is OR: group or other or both
         0 = no owner permission mentioned
         2 = group permission is writable
         2 = other is writable
  -4000  the SUID bit is 4
You can use the following command to list files that are other writable and have the sticky bit set.
# find / -perm -002 -and -perm -1000 -exec ls -ldb {} \;
Use the following command to list files that are other writable, excluding those with the sticky bit set.
# find / -perm -002 -not -perm -1000 -exec ls -ldb {} \;
The following command can be used to list files that are both group and other writable and have the SGID bit set.
# find / -perm -2022 -exec ls -ldb {} \;
The find command to list files that are both group and other writable and have the SUID bit set.
# find / -perm -4022 -exec ls -ldb {} \;
Command to list files that are other writable and have the sticky bit set.
# find / -perm -1002 -exec ls -ldb {} \;
Command to list files that are other writable, excluding those with the sticky bit set.
# find / -perm -002 -not -perm -1000 -exec ls -ldb {} \;
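The difference between the /mode (any of these bits) and -mode (all of these bits) forms of -perm is easiest to check on known inputs before scanning a whole server. The script below is an added example, not part of the original page: it builds constructed sample files in a scratch directory and runs the find tests shown above against them. The helper names make_fixture and match are made up for this example, and GNU find is assumed.

```shell
#!/bin/sh
# Added example: every file below is constructed in a scratch directory.
LC_ALL=C; export LC_ALL   # stable sort order for the output

# Build sample files covering each permission class the commands look for.
make_fixture() {
    d=$(mktemp -d) || return 1
    touch "$d/suid_clean" "$d/suid_group_w" "$d/suid_other_w" \
          "$d/suid_both_w" "$d/plain_other_w"
    mkdir "$d/sticky_dir" "$d/open_dir"
    chmod 4755 "$d/suid_clean"      # SUID, not group/other writable
    chmod 4775 "$d/suid_group_w"    # SUID + group writable
    chmod 4757 "$d/suid_other_w"    # SUID + other writable
    chmod 4777 "$d/suid_both_w"     # SUID + group and other writable
    chmod 0666 "$d/plain_other_w"   # other writable, no special bits
    chmod 1777 "$d/sticky_dir"      # other writable + sticky bit (like /tmp)
    chmod 0777 "$d/open_dir"        # other writable, no sticky bit
    printf '%s\n' "$d"
}

# match DIR TEST...: run find with the given tests and print the matching
# basenames, sorted, on one space-separated line.
match() {
    dir=$1; shift
    find "$dir" "$@" -exec basename {} \; | sort | paste -sd' ' -
}

d=$(make_fixture) || exit 1
echo "SUID, group OR other writable:  $(match "$d" -perm /022 -and -perm -4000)"
echo "SUID, group AND other writable: $(match "$d" -perm -4022)"
echo "other writable, sticky set:     $(match "$d" -perm -1002)"
echo "other writable, no sticky:      $(match "$d" -perm -002 -not -perm -1000)"
rm -rf "$d"
```

Only suid_both_w satisfies -perm -4022, while the /022 form also reports the files where just one of group or other is writable, so the OR form is the broader audit.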



