#!/bin/sh

ROOT_UID=0      # Only users with $UID 0 have root privileges.
E_NOTROOT=67    # Non-root exit error.

# Run as root, of course.
if [ "$UID" -ne "$ROOT_UID" ]; then
  echo "Must be root to run this script."
  exit $E_NOTROOT
fi

# The following command discovers and prints any world-writable files in local partitions. Run it once for each
# local partition PART:
#  find PART -xdev -type f -perm -0002 -print

# If this command produces any output, fix each reported file file using the command:
#  chmod o-w file

# Data in world-writable files can be modified by any user on the system. In almost all circumstances, files can be
# configured using a combination of user and group permissions to support whatever legitimate access is needed
# without the risk caused by world-writable files.
# It is generally a good idea to remove global (other) write access to a file when it is discovered. However, check
# with documentation for specific applications before making changes. Also, monitor for recurring world-writable
# files, as these may be symptoms of a misconfigured application or user account.

find / -xdev -type f -perm -0002 -print | (cat <<EOF
This is an automated report of $0 on the server `hostname -s`.

find / -xdev -type f -perm -0002 -print
EOF
cat
) | /bin/mail -s "[Find Unauthorized World-Writable Files]" root