-1

I found that sudo -u <user> test might work, but I don't have the sudo command on my system.

For example

/a d......--x
/a/aa d......--x YES
/b d......---
/b/bb d......--x NO

When I use the root user, I cannot use the test command to determine the permissions for "others". Related questions I found: Test effective permissions of file for user

hrdom
  • 1
  • 2
  • What have you tried so far? You wrote that When I use the root user, I cannot use the test command to determine the permissions for "others". So what is the command with test you were trying to run? – aviro Mar 17 '24 at 18:24
  • I understand that all the components of the path should have o=x, but should the ancestors also not have o=rw, or is this specific requirement only the child directory? – aviro Mar 18 '24 at 09:09
  • The test command I'm talking about looks like this: test -x /data/data/com.android.mms/app_parts && echo 'yes' – hrdom Mar 18 '24 at 12:24

1 Answers1

0

Here's how you do it:

find ./ ! -perm -o=x -prune -o \( -type d ! -perm /o=rw -perm -o=x -print \)
  • ! -perm -o=x -prune - don't descend into directories that don't have execute bit for "others".
  • The parentheses aren't really required, I added them just for clarity. The command would work the same without them.
  • Without the explicit -print at the end, the pruned directories (the ones that find doesn't descend into, i.e. those that don't have execute bit for "others") would also be printed. The explicit -print ensures that ONLY the directories found at the right hand side (after the prune) are printed.

Now, this command would be the most obvious one. However, there are ways to make it much shorter by performing some logical reductions.

First of all, if you think about it, you don't need the second -perm -o=x; If the first ! -perm -o=x evaluates to "True" (meaning, there's no execute bit on the folder), it won't even get to the right hand side after the -o (since logically, the whole expression would be evaluated as "True" after checking the first condition). This means that the whole section inside the parentheses would only be evaluated if there's an execute bit for others on the file.

Bottom line, the -perm -o=x part inside the parentheses is redundant and can be removed.

find ./ ! -perm -o=x -prune -o \( -type d ! -perm /o=rw -print \)

Now, as I said, the reason we need the -print at the end is because -prune action returns "True", and we don't want to print those pruned directories. However, we can invert the "True" by just adding ! before the -prune; Those folders will still be pruned, but the result would be "False", so they wouldn't be printed anyway.

find ./ ! -perm -o=x ! -prune -o \( -type d ! -perm /o=rw -print \)

And then we don't need the -print at the end anymore.

find ./ ! -perm -o=x ! -prune -o \( -type d ! -perm /o=rw \)

And as I said, you can remove the parentheses. And that's how you finally get to the:

Final shortened command:

find ./ ! -perm -o=x ! -prune -o -type d ! -perm /o=rw
aviro
  • 5,532