[Next] [Previous] [Up] [Top] [Contents]

CHAPTER 28 System Security

28.6 File and Directory Permissions

Use the chmod, chgrp, and chown commands to set the correct file and directory permissions.

Shell scripts should NOT be run setuid or setgid. Use find to search your directories for setuid/setgid files, e.g.:

find / -type f -a \( -perm -4000 -o -perm -2000 \) -print

where find looks for any regular file (-type f) that also (-a = and) has either permission bits set for setuid (4000) or (-o) setgid (2000), and prints the names of those found. When doing a long listing (ls -al) file permissions will look like:

Octal Owner/Group/Other
755 rwxr-xr-x
4755 rwsr-xr-x
2755 rwxr-sr-x
644 rw-r--r--
4644 rwSr--r--
2644 rw-r-Sr--

In this listing the s and S indicate setuid/setgid permissions.

Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]