Running msec on one of my Mageia Linux machines turned up a number of world-writable files. These are potential security problems, especially on a machine that faces the Internet. The obvious solution was to use chmod to remove any world writable permissions.
But there's the problem. The chmod command has a recursive directive, -R, that would work except that it would change permissions on the directories as well. After all in *NIX, all directories are files.
Thanks to my friends at TWUUG, I discovered that the find command, used with its -exec directive could accomplish what I wanted.
find /xxx -type f -exec chmod o=-w {} + ;
Breaking this down:
find - the find command itself. Depending on what files you are modifying, you may need to be root.
/xxx - the path to where the files are located.
-type f - this tells find to look for files; type d would tell it to look for directories.
-exec - this directive tells find to execute the command that follows, in this case:
chmod - the command that will change permissions.
o=-w - the directive to chmod that sets the permissions of others to not writable. You can use whatever incantations of permissions that you need (see man chmod).
{} + - this appends each file selected by the find command to those that chmod will act upon.
`\' - Note: these characters are used to protect the expansion started by {} from the shell. I found that not only was it unnecessary on my Mandriva system, including it would cause the command to fail. YMMV.
; - this terminates the command.
Comments