Cybersecurity Triage

Find World-Writable Web Directories

You need to find directories under a web root that anyone can write to.

Command

find srv/www -type d -perm -0002 -print

What changed

Nothing changes. The command prints directories with the world-writable bit set.

Danger

safe

When to use it

Use during server hardening, web incident triage, or after upload-path changes.

When not to use it

Do not chmod paths blindly; confirm application requirements and ownership first.

Undo or recovery

No undo needed because this command is read-only.

Expected output

World-writable directories under srv/www.

demo script

Disposable terminal steps

  1. find srv/www -type d -printf '%m %p\n' | sort
  2. find srv/www -type d -perm -0002 -print

simulated output

What it looks like

$ find srv/www -type d -printf '%m %p\n' | sort
750 srv/www/private
755 srv/www
777 srv/www/uploads
::exit-code::0
$ find srv/www -type d -perm -0002 -print
srv/www/uploads
::exit-code::0
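
The ownership review that "When not to use it" asks for, as an added example that is not part of the original lesson: a read-only shell function that prints mode, owner, group and sticky-bit status for each world-writable directory. It assumes GNU find; the function names and the sticky `cache` directory in the fixture are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original lesson. Read-only: it never chmods.
# Assumes GNU find (-printf), which the lesson's own demo step also uses.

# audit_world_writable ROOT
# One line per world-writable directory: MODE OWNER GROUP STICKY PATH
# STICKY is "sticky" when the restricted-deletion bit (01000) is set.
# Limitation: paths containing newlines are not handled.
audit_world_writable() {
    find "$1" -type d -perm -0002 -printf '%m %u %g %p\n' |
    while read -r mode owner group path; do
        # %m prints octal without a leading zero, so a sticky directory
        # shows four digits with an odd first digit (1777, 3777, ...).
        case $mode in
            [1357]???) sticky=sticky ;;
            *)         sticky=no-sticky ;;
        esac
        printf '%s %s %s %s %s\n' "$mode" "$owner" "$group" "$sticky" "$path"
    done | sort -k5
}

# make_fixture: builds a constructed tree mirroring the lesson's demo,
# plus a hypothetical sticky "cache" directory, and prints its location.
make_fixture() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/srv/www/private" "$dir/srv/www/uploads" "$dir/srv/www/cache"
    chmod 755 "$dir/srv/www"
    chmod 750 "$dir/srv/www/private"
    chmod 777 "$dir/srv/www/uploads"
    chmod 1777 "$dir/srv/www/cache"
    printf '%s\n' "$dir"
}

# Demo run against the constructed fixture.
demo=$(make_fixture) && (cd "$demo" && audit_world_writable srv/www)
rm -rf "$demo"
```

A `no-sticky` line means any local user can rename or delete other users' files in that directory, so those entries are the first to check against the application's actual write requirements.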

YouTube Short

Find writable web dirs.

Search the web root for world-writable directories, then review whether each one is truly required.

LinkedIn hook

World-writable web paths deserve immediate review.

Question: Do you audit world-writable web directories after deploys?

experiments

A/B tests to run

Metric: save_rate

A: Writable web paths.

B: Review before chmod.