$ Linux One Liners
Back to commands

Cybersecurity Triage

Read-only, can be slow

Find World-Writable Web Directories

You need to find directories under a web root that anyone can write to.

Command

find srv/www -type d -perm -0002 -print

Before you run this

System impact: Read-only. Can create load on large logs, directories, filesystems, or process tables.

When not to use it: Do not chmod paths blindly; confirm application requirements and ownership first.

Expected output

World-writable directories under srv/www.

System impact

Read-only, can be slow. Nothing changes. The command prints directories with the world-writable bit set.

Scope this to the smallest useful path or service on busy systems.

Recovery / rollback: no state is changed.

When to use it

Use during server hardening, web incident triage, or after upload-path changes.

When not to use it

Do not chmod paths blindly; confirm application requirements and ownership first.

Explanation-only example

Illustrated output, not a live lab run

This example is intentionally illustrative. It shows the command shape without killing real processes or changing your machine.

demo@lab:~$

$ find srv/www -type d -printf '%m %p\n' | sort

750 srv/www/private
755 srv/www
777 srv/www/uploads

$ find srv/www -type d -perm -0002 -print

srv/www/uploads
View commands shown

These are the commands shown in the sanitized transcript.

Commands shown

  1. find srv/www -type d -printf '%m %p\n' | sort
  2. find srv/www -type d -perm -0002 -print

next steps

Related commands

Cybersecurity Triage Can be slow

Find Writable Directories Missing the Sticky Bit

A writable log directory is not the same thing as a safe shared directory.

find fixtures/perm-audit -type d -perm -0002 ! -perm -1000 -printf '%m %u:%g %p\n' | sort
Cybersecurity Triage Can be slow

Find Upload Files Writable Outside the Owner

Uploads are supposed to be writable at the edge, not writable forever by everyone.

find fixtures/perm-audit/releases/2026-06-25/uploads -type f -perm /0022 -printf '%M %u:%g %p\n' | sort
Cybersecurity Triage Can be slow

Find Config Files with Execute Bits

Config files do not usually need to be executable.

find fixtures/perm-audit -type f -perm /111 \( -path '*/config/*' -o -name '*.env' -o -name '*.conf' \) -printf '%M %u:%g %p\n' | sort
Cybersecurity Triage Sensitive output

Find World-Readable Secret-Looking Files

The fastest secret audit starts with readable files that look like secrets.

find fixtures/perm-audit -type f -perm -0004 \( -iname '*secret*' -o -iname '*.env' -o -iname '*token*' -o -iname '*key*' \) -printf '%M %u:%g %p\n' | sort
Study mapping

Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.

  • lpic1:103-gnu-unix-commands
  • lpic1:104-filesystems-permissions-fhs
  • lpic1:110-security
  • lfcs:essential-commands
  • lfcs:security-hygiene
  • lfcs:storage
  • linuxplus:automation-scripting
  • linuxplus:provisional
  • linuxplus:system-management
  • risk:read-only

Useful for

  • LPIC-1 style command-line practice
  • LFCS style performance tasks
  • Linux+ style troubleshooting review

Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.