Files, directories, and devices that are writable by any user (“world-writable”) on a multi-user system can be dangerous locally exploitable security holes. There are very few legitimate reasons for having world-writable files and directories on a system.<\/p>\n
Many UNIX and Linux systems actually have cron<\/em> jobs that check for world-writable files. On Apple’s OS X there is no such safeguard and many vendors do not seem to care about file permissions much at all. Several well-known applications are either installed with world-writable files or create them when used:<\/p>\n The following applications install world-writable files in shared directories ( The following applications install world-writable files in user directories ( The lists have been compiled by inspecting my own systems and those of several friends by running<\/p>\n and analyzing the output.<\/p>\n Note that running Disk Utility<\/em>‘s “Repair Disk Permissions” does not have any influence on the issues described here.<\/p>\n Most OS X installations are probably single-user systems in reality but the situation is still somewhat ugly.<\/p>\n","protected":false},"excerpt":{"rendered":" Files, directories, and devices that are writable by any user (“world-writable”) on a multi-user system can be dangerous locally exploitable security holes. There are very few legitimate reasons for having world-writable files and directories on a system. Many UNIX and Linux systems actually have cron jobs that check for world-writable files. On Apple’s OS XWorld-writable files in system directories<\/h4>\n
\/Applications<\/code>, \/Library<\/code>, …):<\/p>\n\n
Contents\/Resources<\/code><\/li>\nAddIns<\/code> und AddIns\/airappinstaller<\/code>)<\/li>\nWorld-writable files in user directories<\/h4>\n
\/Users\/$USER<\/em><\/code>):<\/p>\n\n
sudo sh -c \\\r\n \"find \/ -xdev -perm +o=w ! \\( -type d -perm +o=t \\) ! -type l -print0 | \\\r\n xargs -0 ls -dl 2>&1 | \\\r\n tee world-writable-files.txt\"<\/pre>\n
[→ Read the rest of this entry<\/a>]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[15,36,8],"tags":[37,83,98,87,85,89,67,84,82,39,80,95,81,86,88],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\t\n