File/folder Write/Delete wise, is my server secure?

Posted by acidzombie24 on Super User See other posts from Super User or by acidzombie24
Published on 2011-03-08T22:01:28Z Indexed on 2011/03/09 0:13 UTC
Read the original article Hit count: 222

Filed under:
|

I wanted to know if someone got access to my server by using a nonroot account, how much damage can he do?

After i su someuser I used this command to find all files and folders that are writeable.

find / -writable >> list.txt

Here is the result. Its most /dev/something and /proc/something and these

/var/lock
/var/run/mysqld/mysqld.sock
/var/tmp
/var/lib/php5

Is my system secure? /var/tmp makes sense but i am unsure why this user has write access to those folders. Should i change them?

stat /var/lib/php5 gives me 1733 which is odd. Why write access? why no read? is this some kind of weird use of a temp file?

© Super User or respective owner

Related posts about linux

Related posts about security