find / -perm -777 -print
I think that should do it. For more details than any sane person could want, do 'man find' ;-)
Rusty
> -----Original Message-----
> From: plug-discuss-bounces@lists.plug.phoenix.az.us [mailto:plug-
> discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of
> joe@actionline.com
> Sent: Wednesday, August 08, 2012 7:09 PM
> To: Main PLUG discussion list
> Subject: Question about rwxrwxrwx files and/or dirs
>
>
> Question about rwxrwxrwx files and/or dirs
>
> Lisa's reply to Keith prompted me to wonder if I perhaps had any
> rwxrwxrwx
> files or drwxrwxrwx directories on my system that might be a security
> risk. So, while I don't know how to search the entire hard disk for
> such
> files, I used variants of the following syntax to search for some.
>
> $ ls -ltr */* | fgrep rwxrwxrwx
> srwxrwxrwx 1 joe joe 0 Aug 7 11:35 mysql.socket=
>
> Another similar found this:
> srwxrwxrwx 1 joe joe 0 Aug 7 11:35 tmp/akonadi-
> joe.nMNQOV/mysql.socket=
>
> Another similar found this: /home/joe/mydata/graphics/psp
> drwxrwxrwx 3 joe 4096 Dec 12 2003 Freebies
>
> Another similar found a whole lot of: lrwxrwxrwx
>
> Do any of these suggest a security risk?
> Is there a better way to search more comprehensively for others?
> What, if anything, could I or should I do to eliminate a risk?
>
>
> ---------------------
> Lisa replied to Keith, in part:
> > Here's more on it:
> > http://wordpress.org/support/topic/advanced-problem-image-upload
> >
> > http://wordpress.org/support/topic/151290
> >
> > Solution:
> >
> > You need to use "chmod 777" for uploads to work.
> >
> > Security Issues:
> >
> > This is a security risk of course, since there are many spider
> scrapers
> > looking for an open permission directory to be able to write, say a
> fake
> > Phishing Site page for UPS with an email results script.
> >
> > Solution: (from Wordpress documentation):
> >
> > Base image directory
> >
> > The base image directory must be world writable i.e.: chmod 777
> > Base image URL
> >
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss