Ron Bramblett wrote:
Original Question (Which by the way was the wrong question on my part)
> How do I find all SUID bits on files, Does something like sys_check log
> all these types of files?? I have previous sys_check results I can
> compare my after sys_check results to.
Repsonses Included:
Tru64 User wrote:
> Not sure how to answer the whole question, but to find
> suid files, do
>
> find /<dir> -perm -4000 -print
> and for sgid files, it will be (-2000)
> Richard
> Good luck with it
> Scott Mutchler
> Gordon Food Service
J Bacher wrote:
> --------------------------------------------------
> Joao Marcio Leonel Ferreira-Centro de Computacao.
> Instituto de Fisica da Universidade de Sao Paulo.
> Rua do Matao,Travessa R, 187-Cidade Universitaria.
> CEP:05389-970 - Sao Paulo, SP. Telefone:818-6810.
> --------------------------------------------------
"Sylvester, Dennis" wrote:
> This will find all SGID and SUID files on the system....adjust
> accordingly:
> find / -type f \( -perm -2000 -o -perm 4000 \) -print
Ann Majeske wrote:
> For the system files, see "man fverify"
James Sainsbury wrote:
> I am not sure if this is what you are asking but
> to list all the suid/sgid files in a filesystem
> setuid: find /fs -xdev -type f -perm -4000 -ls
> setgid: find /fs -xdev -type f -perm -2000 -ls
> To select executables only
> eg
> find /fs -xdev -type f \( -perm -4111 -o -perm -4110 -o -perm -4100 \)
> -ls
> Or you may be interested in fverify to verify and fix the ownership/perms
>
> of installed subsets.
Joerg Bruehe wrote:
> "man find", options "-user 0" and "-perm -4000"
> (please check on a known setuid-root file).
> AFAIR, on my (4.0 f) machine the sys_check output does not list them.
> --
> Joerg Bruehe, SQL Datenbanksysteme GmbH, Berlin, Germany
> (speaking only for himself)
> mailto: joerg_at_sql.de
pablo.sanz_at_uam.es wrote:
> How do I find all SUID bits on files,
> # cd
> # find . -perm -4000 -print
> Be carefull with "-" before the octal number (4000), with it you
> are going to find all SUID files, without it only files with 4000
> permissions.
> The find man page will give you more information.
> Pablo
> ---
> http://rincon.uam.es/dir?cw=284899902343750
Now for the real Key answer.
Because I had removed the domain and mount point of the file system
where these files reside the following question was asked.
"Williford, Blake" wrote:
> interesting...
> What are the permissions on the mount point?
Once I changed the mount point permissions back to the original permissions
everything worked.
--
Ron Bramblett, Sys Admin
Fuller Brush Company
Received on Thu Oct 11 2001 - 13:27:39 NZDT