Webwitch
asked on
Running a report from .profile against 600 in bindview
Hello, I have been given a task to run a report in bindview . The report should list all user profiles which are updatable by other users. ie: all files called .profile where the file mode is something other than 600. How would I do this? - or what AIX command could I run (just to create a manual report in AIX)?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
# Find .profile writeable by group OR others
find / -name .profile \( -perm -g+w -o -perm -o+w \) -ls
# Find .profile where permissions are not 600
find / -name .profile ! -perm 600 -ls
# So what's wrong with permissions 700? Or 755? Your call ;-)
find / -name .profile \( -perm -g+w -o -perm -o+w \) -ls
# Find .profile where permissions are not 600
find / -name .profile ! -perm 600 -ls
# So what's wrong with permissions 700? Or 755? Your call ;-)
You are going to want to stick to specifying the permissions in octal since you know exactly what you want (600). The above solution using symbolic permissions does not take read or execute permission into consideration. It can be done with symbolic, but it will produce quite a long command.
My other issue is why are the solutions checking from root directory? Do you really need to check the entire system (including mounted filesystems)? This could take quite a long time. User profiles are in their HOME directories. If you have organized them into a common parent, then specify it as the path to find. If you have more than one location for user's HOME directories, you can specify more than one path to search for find to look in.
Your call.
My other issue is why are the solutions checking from root directory? Do you really need to check the entire system (including mounted filesystems)? This could take quite a long time. User profiles are in their HOME directories. If you have organized them into a common parent, then specify it as the path to find. If you have more than one location for user's HOME directories, you can specify more than one path to search for find to look in.
Your call.
find / -name .profile -perm -og+rw -ls