Cybersecurity Triage

Find Upload Files Writable Outside the Owner

You need to find uploaded files that group or other users can still modify.

Command

find fixtures/perm-audit/releases/2026-06-25/uploads -type f -perm /0022 -printf '%M %u:%g %p\n' | sort

What changed

Nothing changes on disk. The command only reports regular files that have the group-write or other-write bit set; -perm /0022 matches when either bit is present.

Danger

safe

When to use it

Use when reviewing upload directories, generated exports, shared cache files, or restored media.

When not to use it

Do not assume every group-writable upload is wrong without checking the service group model.

Undo or recovery

No undo needed because this command is read-only.

Expected output

Upload files that have the group-write or other-write permission bit set, one per line as mode, owner:group and path.

demo script

Disposable terminal steps

  1. find fixtures/perm-audit/releases/2026-06-25/uploads -type f -printf '%M %u:%g %p\n' | sort
  2. find fixtures/perm-audit/releases/2026-06-25/uploads -type f -perm /0022 -printf '%M %u:%g %p\n' | sort

simulated output

What it looks like

disposable vessel
::fixture-ready::
$ find fixtures/perm-audit/releases/2026-06-25/uploads -type f -printf '%M %u:%g %p\n' | sort
-rw-r--r-- root:root fixtures/perm-audit/releases/2026-06-25/uploads/orphaned-upload.txt
-rw-rw-r-- root:root fixtures/perm-audit/releases/2026-06-25/uploads/customer-export.csv
::exit-code::0
$ find fixtures/perm-audit/releases/2026-06-25/uploads -type f -perm /0022 -printf '%M %u:%g %p\n' | sort
-rw-rw-r-- root:root fixtures/perm-audit/releases/2026-06-25/uploads/customer-export.csv
::exit-code::0
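
Added example (not part of the original lesson): a throwaway fixture that contrasts the lesson's -perm /0022 query (either bit set) with -perm -0022 (both bits set) and -perm /0002 (other-write only). The file names and the helpers make_fixture, writable_any, writable_all and writable_other are constructed for illustration; GNU find is assumed, as in the lesson's own command.

```shell
#!/bin/sh
# Added example: every file below is constructed in a throwaway temp directory.
# Assumes GNU find, as the lesson's own command does (-printf).

# Create one file per permission case and print the fixture directory.
make_fixture() {
    dir=$(mktemp -d) || return 1
    for spec in 0600:private.key 0644:owner-only.txt 0664:group-write.csv \
                0646:other-write.log 0666:both-write.tmp; do
        mode=${spec%%:*}
        name=${spec#*:}
        : > "$dir/$name" && chmod "$mode" "$dir/$name" || return 1
    done
    printf '%s\n' "$dir"
}

# /0022: group-write OR other-write is set (the lesson's audit query).
writable_any() {
    find "$1" -type f -perm /0022 -printf '%m %f\n' | LC_ALL=C sort
}

# -0022: group-write AND other-write are both set (a narrower list).
writable_all() {
    find "$1" -type f -perm -0022 -printf '%m %f\n' | LC_ALL=C sort
}

# /0002: other-write only, i.e. writable by accounts outside owner and group.
writable_other() {
    find "$1" -type f -perm /0002 -printf '%m %f\n' | LC_ALL=C sort
}

fixture=$(make_fixture) || exit 1
echo "group- or other-writable (-perm /0022):"; writable_any "$fixture"
echo "group- and other-writable (-perm -0022):"; writable_all "$fixture"
echo "other-writable (-perm /0002):"; writable_other "$fixture"
rm -rf "$fixture"
```

The 0600 and 0644 files never appear in any list, which is the quick check that the mask is doing what you expect before you point it at a real upload tree.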

YouTube Short

Find writable uploads.

Upload directories are noisy. Start by listing files that someone besides the owner can still modify.

LinkedIn hook

Uploads are supposed to be writable at the edge, not writable forever by everyone.

Question: Do you audit upload files separately from the upload directory itself?

experiments

A/B tests to run

Metric: save_rate

A: Writable uploads deserve review.

B: The directory is not the whole upload risk.