🎁 New User? Get 20% off your first purchase with code NEWUSER20 Register Now →
Menu

Categories

Security & Hardening

Linux File ACL and Permission Auditing: SUID, World-Writable, and Sensitive Files

Dargslan Team | April 12, 2026 | 5 min read | 5 views
Linux File ACL and Permission Auditing: SUID, World-Writable, and Sensitive Files

Permission Security

File permissions control who can read, write, and execute files. Misconfigured permissions on sensitive files like /etc/shadow or SUID binaries can lead to privilege escalation.

Finding Dangerous Permissions

# World-writable files
find / -perm -o+w -type f 2>/dev/null

# SUID binaries
find / -perm -4000 -type f 2>/dev/null

# SGID binaries
find / -perm -2000 -type f 2>/dev/null

# Files without owner
find / -nouser -o -nogroup 2>/dev/null

Checking POSIX ACLs

getfacl /path/to/file
setfacl -m u:user:rwx /path/to/file
setfacl -R -m g:devs:rx /project/

Sensitive File Checks

ls -la /etc/shadow    # should be 640 root:shadow
ls -la /etc/passwd    # should be 644 root:root
ls -la /etc/sudoers   # should be 440 root:root

Automated Audit with dargslan-acl-check

pip install dargslan-acl-check
dargslan-acl-check
Share this article:
Dargslan Editorial Team (Dargslan)
About the Author

Dargslan Editorial Team (Dargslan)

Collective of Software Developers, System Administrators, DevOps Engineers, and IT Authors

Dargslan is an independent technology publishing collective formed by experienced software developers, system administrators, and IT specialists.

The Dargslan editorial team works collaboratively to create practical, hands-on technology books focused on real-world use cases. Each publication is developed, reviewed, and...

Programming Languages Linux Administration Web Development Cybersecurity Networking
View all books

Related Articles

Stay Updated

Subscribe to our newsletter for the latest tutorials, tips, and exclusive offers.