I always seem to need a way to dig through directories and find permissions that are more or less restrictive. I couldn’t seem to figure out how to do it with “find -perm” so I decided to write a perl script to utilize a simple find piped to ls -la.
Enjoy.
As a perl script
#!/usr/bin/perl
my @array = `find $ARGV[0] -type f \\( ! -iname "." -or ! -iname ".." \\) | xargs ls -la`;
foreach(@array)
{
my @line = split(/\s+/, $_);
my $perms = $line[0];
my $file = $line[8];
chomp($file);
my @perm = split(//, $perms);
my $match = 0;
$match++ if ( $perm[0] ne '-' );
$match ++ if ( $perm[3] ne '-' );
$match++ if ( "$perm[5]$perm[6]" ne '--' );
$match++ if ( "$perm[7]$perm[8]$perm[9]" ne '---' );
$permstr = join '', @perm;
print "$file ($permstr More Permissive than -rw-r-----)\n" if ( $match > 0 );
}
A one liner
perl -e 'my @array = `find /var/log/ -type f \\( ! -iname "." -or ! -iname ".." \\) | xargs ls -la`;foreach(@array){my @line = split(/\s+/, $_);my $perms = $line[0];my $file = $line[8];chomp($file);my @perm = split(//, $perms);my $match = 0;$match++ if ( $perm[0] ne "-" );$match ++ if ( $perm[3] ne "-" );$match++ if ( "$perm[5]$perm[6]" ne "--" );$match++ if ( "$perm[7]$perm[8]$perm[9]" ne "---" );$permstr = join "", @perm;print "$file ($permstr More permissive than -rw-r-----)\n" if ( $match > 0 );}'
Here is an example output
/var/log/sa/sa16 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa17 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa18 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa19 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa20 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa21 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa22 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa23 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sa24 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar15 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar16 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar17 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar18 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar19 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar20 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar21 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar22 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/sa/sar23 (-rw-r--r-- More Permissive than -rw-r-----) /var/log/wtmp (-rw-rw-r-- More Permissive than -rw-r-----)
Gheek.net 
Leave a Reply