Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Find suid and gid files under root

Tags:

find

command

unix

I’m looking for find command arguments to find all files under the / that have setuid and setgid privileges. I have find / ??? so far.

like image 823
su. Avatar asked Feb 03 '10 05:02

su.


People also ask

Where is SUID bit in Linux?

The simplest way to check if a file has the setuid bit set is to use ls -l </path/to/the/file>. If there is an "s" in the execute field for the user, the sticky bit is set. For example, we can see this with the passwd executable on most *nix systems.

What are SUID and SGID files?

SUID(Set-user Identification) and SGID(Set-group identification) are two special permissions that can be set on executable files, and These permissions allow the file being executed to be executed with the privileges of the owner or the group. SUID: It is special file permission for executable files.

How do you find files that have specific permissions?

The -perm parameter of the find command can be used to find the files with specific permissions. The 2 ways to specify the permissions with the -perm parameter are : -perm -mode --- All of the permission bits mode are set for the file. -perm /mode --- Any of the permission bits mode are set for the file.

What is SUID command?

Commonly noted as SUID, the special permission for the user access level has a single function: A file with SUID always executes as the user who owns the file, regardless of the user passing the command. If the file owner doesn't have execute permissions, then use an uppercase S here.


1 Answers

setuid or setgid (GNU findutils):

find / -perm /6000

setuid or setgid (POSIX):

find / -perm -4000 -o -perm -2000

setuid and setgid:

find / -perm -6000
like image 122
Sean Bright Avatar answered Sep 24 '22 09:09

Sean Bright