"find" command examples

From Brandonhutchinson.com

Jump to: navigation, search
  • Find group-writable or other-writable files:
$ find . -type f -perm -022
  • Find only group-writable files:
$ find . -type f -perm -020 ! -perm -022
  • Find SUID files:
$ find / -perm -4000
  • Find SUID or SGID files:
$ find / -perm -4000 -o -perm -2000
  • Find SUID or SGID files that are actually executable by user, group, or other:
$ find / -perm -4000 -o -perm -2000 -a -perm +111
  • Find all SUID or SGID files that are actually executable by user, group, or other. Exclude files from dir1 and dir2.
$ find / \( -path '/dir1' -o -path '/dir2' \) -prune -o \( -perm -4000 -o -perm -2000 \) -a -perm +111

Notes

  • -perm
    • If the mask is unsigned, an exact match on the permissions is required.
    • If the mask is +, at least one of the bits set must match.
    • If the mask is -, all of the bits set must match.
  • When specifying times with find,
    • 0 means within the last day (24 hours)
    • 1 means between 24 and 48 hours old
    • 2 means between 48 and 72 hours old, etc.
Personal tools