File/folder Write/Delete wise, is my server secure?
Posted
by
acidzombie24
on Super User
See other posts from Super User
or by acidzombie24
Published on 2011-03-08T22:01:28Z
Indexed on
2011/03/09
0:13 UTC
Read the original article
Hit count: 222
I wanted to know if someone got access to my server by using a nonroot account, how much damage can he do?
After i su someuser
I used this command to find all files and folders that are writeable.
find / -writable >> list.txt
Here is the result. Its most /dev/something and /proc/something and these
/var/lock
/var/run/mysqld/mysqld.sock
/var/tmp
/var/lib/php5
Is my system secure? /var/tmp makes sense but i am unsure why this user has write access to those folders. Should i change them?
stat /var/lib/php5
gives me 1733 which is odd. Why write access? why no read? is this some kind of weird use of a temp file?
© Super User or respective owner