Searching for world-writable files and directories from the command-line

World-writable permissions are the equivalent of an unlocked door. They require trust and nothing online should bear the weight of that expectation.

Why are they so bad?

World-writable permissions are also commonly referred to by their octal equivalent, “777”, in which each digit represents the permission level for one of the three possible users:

  1. file owner
  2. group of authorized users
  3. everyone else (a.k.a. “the world”)

The value of each digit indicates the specific actions that particular user has permission to perform:

  • 4: read
  • 2: write
  • 1: execute

If a user has permission to perform more than one action, the values are added together. As such, “7” indicates a user with permission to perform all actions (4 + 2 + 1 = 7) and “777” indicates this level of permission for everyone.

The absolute worst user / action combination from a security standpoint is “world” and “write”, hence the name “world-writable”.

How do I find world-writable files and folders?

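This will return a list of world-writable files (if any) within the current directory. The leading dash in -perm -0002 makes find test only the “everyone else” write bit, so files with modes such as 0666 are listed along with 0777 (a plain -perm 0777 matches that exact mode and nothing else):

find . -type f -perm -0002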

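And this will return a list of world-writable directories (if any). Directories with the sticky bit set, such as /tmp, are world-writable too and will appear in the results:

find . -type d -perm -0002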

To search a specific directory, replace the period with a path to the directory you want to target. If you want to search everywhere, replace the period with a slash:

# search a specific directory for world-writable files:
find /path/to/specific/directory -type f -perm -0002

# search everywhere for world-writable directories:
find / -type d -perm -0002

If you find any world-writable files or directories, be sure to change their permissions and lock that door.
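
An added example, not part of the original article: these shell functions (the names are hypothetical) test the world-write bit itself with -perm -0002, report sticky directories like /tmp separately, and clear the bit with chmod o-w. The tree they run against is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not from the original article.

# Regular files under $1 with the "other" write bit (octal 0002) set.
# "-perm -0002" tests that one bit, so 0666 and 0646 match as well as 0777.
ww_files() {
    find "$1" -xdev -type f -perm -0002 2>/dev/null | sort
}

# World-writable directories under $1 without the sticky bit (octal 1000).
# Sticky directories such as /tmp restrict deletion to each entry's owner,
# so they are reported separately by ww_dirs_sticky.
ww_dirs_no_sticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}

ww_dirs_sticky() {
    find "$1" -xdev -type d -perm -0002 -perm -1000 2>/dev/null | sort
}

# Clear only the world-write bit, leaving owner and group bits unchanged.
ww_fix() {
    find "$1" -xdev -type f -perm -0002 -exec chmod o-w {} +
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec chmod o-w {} +
}

# Build a constructed sample tree and print its path.
ww_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/open" "$t/shared" "$t/private"
    touch "$t/a.conf" "$t/b.log" "$t/c.sh" "$t/d.txt"
    chmod 0644 "$t/a.conf"; chmod 0666 "$t/b.log"
    chmod 0777 "$t/c.sh";   chmod 0646 "$t/d.txt"
    chmod 0777 "$t/open";   chmod 1777 "$t/shared"; chmod 0755 "$t/private"
    echo "$t"
}

tree=$(ww_sample_tree)
echo "files:";            ww_files "$tree"
echo "dirs (no sticky):"; ww_dirs_no_sticky "$tree"
echo "dirs (sticky):";    ww_dirs_sticky "$tree"
ww_fix "$tree"
echo "remaining after fix: $(ww_files "$tree" | wc -l)"
rm -rf "$tree"
```

The -xdev option keeps each search on one filesystem, which matters when the starting point is a slash.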