Linux / UNIX Find All World-Writable Directories Have Sticky Bits Set

How do I find out all world writable directories have sticky bits set under CentOS Linux server?

If sticky bit is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky bit, any user with write access to a directory may remove any file in the directory. Setting the sticky bit prevents users from removing each other’s files. /tmp directory always set with stick bit on.

You can easily locate all directories which are world-writable and do not have their sticky bits set. The following command will discover and print these for /webroot directory:
# find /webroot -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print
If above command produces any output, fix each reported directory /dir using the chmod command (be careful with the following command):
# find /webroot -xdev -type d \( -perm -0002 -a ! -perm -1000 \) -print0| xargs -0 chmod +t
OR better solution is review each directory and set permission as per requirements:
# chmod +t /path/to/dir
Personally, I prefer to remove permission from all such directories except required directories such as /tmp. Also some application requires world writable directories. So, if a directory is used by a particular application, consult that application’s documentation instead of blindly changing modes using xargs.


🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 3 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
3 comments… add one
  • EMarsh Jan 16, 2012 @ 5:33

    Thank you for the tips

  • M.Pasha Dec 13, 2017 @ 9:43

    Hi Vivek,

    I am working to remediate vulnerability which is “World writable files exist” in one of my linux server.

    There multiple applications are having full permission. Do I need to change the permission of dir or set the sticky bit to the dir.?

    Thanks.

    • 🐧 Vivek Gite Dec 13, 2017 @ 19:25

      Yes. Usually app should be configured and written such way to disallow this. It needs to be done at system level. Always keep backups before running chmod/chown command.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum