LX0-103 · Question #32
What does the following script do? #!/bin/bash find/ -perm +4000 | mail -s "Daily find output" root
The correct answer is A. Emails a report of all suid files to root.. The script uses find with -perm +4000 to locate files with the SUID bit set, then emails the list to root.
Question
What does the following script do? #!/bin/bash find/ -perm +4000 | mail -s "Daily find output" root
Options
- AEmails a report of all suid files to root.
- BEmails a report of all important files to root.
- CEmails a report of all writeable files to root.
- DEmails a report of all guid files to root.
- ECorrects permissions on files and emails the results to root.
How the community answered
(17 responses)- A76% (13)
- C6% (1)
- D12% (2)
- E6% (1)
Why each option
The script uses find with -perm +4000 to locate files with the SUID bit set, then emails the list to root.
The permission value 4000 corresponds to the Set User ID (SUID) bit; using -perm +4000 (or -perm /4000 in newer find versions) matches any file that has this bit set. The output is piped to mail with a subject line and addressed to root, making this a SUID file audit script.
There is no general 'important files' permission bit; the script specifically targets files with the SUID bit (4000), not a broad category of important files.
Writable files would be found using -perm -222 or similar write-permission bits, not the value 4000 which is the SUID bit.
GUID (Set Group ID) files use the permission value 2000, not 4000; the script only matches files with the SUID bit set.
The script performs no chmod or permission correction; it only finds files and emails the listing without modifying anything.
Concept tested: Finding SUID files with find -perm and piping to mail
Source: https://man7.org/linux/man-pages/man1/find.1.html
Topics
Community Discussion
No community discussion yet for this question.