Help with find command to identify SUID file please?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
2
down vote

favorite












I am doing an online course and could do with some help please. Please see the image below. I am using find to locate a file with the SUID bit set. The question asks "What is the contents of the file named ‘immersive’, which is owned by user 'linux', with SUID and user execute permissions set? There are multiple files named 'immersive' find the correct one!" From the question I used the command 



find . -perm /4100


I hope that is the correct octal permissions?
In the image you will see two directories returned but when i run ls -la I am not seeing any file with the SUID set.
Any ideas what I am doing wrong?



$ find . -perm /4100
.
./immersive
$ ls .
immersive
$ ls -la ./immersive
lrwxrwxrwx 1 root root 23 Aug 20 14:25 ./immersive -> /lib/firmware/immersive
linux@find-command:~$ find . -perm /4100 . ./immersive 
linux@find-command:~$ ls -la 
total 24 
drwxr-xr-x 1 linux linux 4096 Oct 13 13:00 . 
drwxr-xr-x 1 root root 4096 Oct 11 18:56 .. 
-rw------- 1 linux linux 134 Oct 13 13:00 .bash_history 
-rw-r--r-- 17 linux linux 220 Apr 4 2018 .bash_logout 
-rw-r--r-- 17 linux linux 3771 Apr 4 2018 .bashrc
-rw-r--r-- 17 linux linux 807 Apr 4 2018 .profile
lrwxrwxrwx 1 root root 23 Aug 20 14:25 immersive -> /lib/firmware/immersive





command-line permissions find







share|improve this question























  • Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
    – user278930
    2 hours ago











  • I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
    – steeldriver
    1 hour ago






  • 1




    @steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
    – PerlDuck
    1 hour ago






  • 1




    Should the-user linux option not be included?
    – George Udosen
    1 hour ago






  • 1




    @PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
    – steeldriver
    1 hour ago















up vote
2
down vote

favorite












I am doing an online course and could do with some help please. Please see the image below. I am using find to locate a file with the SUID bit set. The question asks "What is the contents of the file named ‘immersive’, which is owned by user 'linux', with SUID and user execute permissions set? There are multiple files named 'immersive' find the correct one!" From the question I used the command 



find . -perm /4100


I hope that is the correct octal permissions?
In the image you will see two directories returned but when i run ls -la I am not seeing any file with the SUID set.
Any ideas what I am doing wrong?



$ find . -perm /4100
.
./immersive
$ ls .
immersive
$ ls -la ./immersive
lrwxrwxrwx 1 root root 23 Aug 20 14:25 ./immersive -> /lib/firmware/immersive
linux@find-command:~$ find . -perm /4100 . ./immersive 
linux@find-command:~$ ls -la 
total 24 
drwxr-xr-x 1 linux linux 4096 Oct 13 13:00 . 
drwxr-xr-x 1 root root 4096 Oct 11 18:56 .. 
-rw------- 1 linux linux 134 Oct 13 13:00 .bash_history 
-rw-r--r-- 17 linux linux 220 Apr 4 2018 .bash_logout 
-rw-r--r-- 17 linux linux 3771 Apr 4 2018 .bashrc
-rw-r--r-- 17 linux linux 807 Apr 4 2018 .profile
lrwxrwxrwx 1 root root 23 Aug 20 14:25 immersive -> /lib/firmware/immersive





command-line permissions find







share|improve this question























  • Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
    – user278930
    2 hours ago











  • I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
    – steeldriver
    1 hour ago






  • 1




    @steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
    – PerlDuck
    1 hour ago






  • 1




    Should the-user linux option not be included?
    – George Udosen
    1 hour ago






  • 1




    @PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
    – steeldriver
    1 hour ago













up vote
2
down vote

favorite









up vote
2
down vote

favorite











I am doing an online course and could do with some help please. Please see the image below. I am using find to locate a file with the SUID bit set. The question asks "What is the contents of the file named ‘immersive’, which is owned by user 'linux', with SUID and user execute permissions set? There are multiple files named 'immersive' find the correct one!" From the question I used the command 



find . -perm /4100


I hope that is the correct octal permissions?
In the image you will see two directories returned but when i run ls -la I am not seeing any file with the SUID set.
Any ideas what I am doing wrong?



$ find . -perm /4100
.
./immersive
$ ls .
immersive
$ ls -la ./immersive
lrwxrwxrwx 1 root root 23 Aug 20 14:25 ./immersive -> /lib/firmware/immersive
linux@find-command:~$ find . -perm /4100 . ./immersive 
linux@find-command:~$ ls -la 
total 24 
drwxr-xr-x 1 linux linux 4096 Oct 13 13:00 . 
drwxr-xr-x 1 root root 4096 Oct 11 18:56 .. 
-rw------- 1 linux linux 134 Oct 13 13:00 .bash_history 
-rw-r--r-- 17 linux linux 220 Apr 4 2018 .bash_logout 
-rw-r--r-- 17 linux linux 3771 Apr 4 2018 .bashrc
-rw-r--r-- 17 linux linux 807 Apr 4 2018 .profile
lrwxrwxrwx 1 root root 23 Aug 20 14:25 immersive -> /lib/firmware/immersive





command-line permissions find







share|improve this question















I am doing an online course and could do with some help please. Please see the image below. I am using find to locate a file with the SUID bit set. The question asks "What is the contents of the file named ‘immersive’, which is owned by user 'linux', with SUID and user execute permissions set? There are multiple files named 'immersive' find the correct one!" From the question I used the command 



find . -perm /4100


I hope that is the correct octal permissions?
In the image you will see two directories returned but when i run ls -la I am not seeing any file with the SUID set.
Any ideas what I am doing wrong?



$ find . -perm /4100
.
./immersive
$ ls .
immersive
$ ls -la ./immersive
lrwxrwxrwx 1 root root 23 Aug 20 14:25 ./immersive -> /lib/firmware/immersive
linux@find-command:~$ find . -perm /4100 . ./immersive 
linux@find-command:~$ ls -la 
total 24 
drwxr-xr-x 1 linux linux 4096 Oct 13 13:00 . 
drwxr-xr-x 1 root root 4096 Oct 11 18:56 .. 
-rw------- 1 linux linux 134 Oct 13 13:00 .bash_history 
-rw-r--r-- 17 linux linux 220 Apr 4 2018 .bash_logout 
-rw-r--r-- 17 linux linux 3771 Apr 4 2018 .bashrc
-rw-r--r-- 17 linux linux 807 Apr 4 2018 .profile
lrwxrwxrwx 1 root root 23 Aug 20 14:25 immersive -> /lib/firmware/immersive





command-line permissions find




command-line permissions find






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 1 hour ago









terdon♦

62.5k12131208




62.5k12131208










asked 2 hours ago









user278930

214




214











  • Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
    – user278930
    2 hours ago











  • I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
    – steeldriver
    1 hour ago






  • 1




    @steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
    – PerlDuck
    1 hour ago






  • 1




    Should the-user linux option not be included?
    – George Udosen
    1 hour ago






  • 1




    @PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
    – steeldriver
    1 hour ago

















  • Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
    – user278930
    2 hours ago











  • I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
    – steeldriver
    1 hour ago






  • 1




    @steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
    – PerlDuck
    1 hour ago






  • 1




    Should the-user linux option not be included?
    – George Udosen
    1 hour ago






  • 1




    @PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
    – steeldriver
    1 hour ago
















Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
– user278930
2 hours ago





Hi George I dont have a sudo account available to me so I am just running find. The above command gives me a different answer showing me just a . or period. If i then run ls -la I still do not see the file with the SUID bit set. I see linux@find-command:~$ find -user linux -perm /4100 .
– user278930
2 hours ago













I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
– steeldriver
1 hour ago




I think that you want -perm /4000 (iirc /4100 will also find any files with the owner's executable bit set)
– steeldriver
1 hour ago




1




1




@steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
– PerlDuck
1 hour ago




@steeldriver The questions says "…, with SUID and user execute permissions set" so 4100 seems correct.
– PerlDuck
1 hour ago




1




1




Should the-user linux option not be included?
– George Udosen
1 hour ago




Should the-user linux option not be included?
– George Udosen
1 hour ago




1




1




@PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
– steeldriver
1 hour ago





@PerlDuck but the /perm form matches any of the permission bits, no (i.e. logical OR of SUID and user-executable)?
– steeldriver
1 hour ago











1 Answer
1






active

oldest

votes

















up vote
2
down vote













See this question for an explanation of -perm /mode vs. -perm -mode. I admit, it's not very intuitive, but:



find . -type f -name immersive -user linux -perm -u=sx -ls
# or
find . -type f -name immersive -user linux -perm -4100 -ls


will do as you ask.



The -perm -4100 means: find any file that has 4 (=setuid) set AND 1 (=x) set for the user while ignoring the remaining bits (group and other).



The -perm /4100 on the other hand means: find any file that has EITHER 4 (=setuid) set OR 1 (=x) set for the user (or both) while ignoring the remaining bits.



So /mode will find more files than -mode.



In case it isn't obvious (because I focussed on the -perm flag): the others mean: find a file (-type f) with name immersive owned by user linux. All these conditions are ANDed.






share|improve this answer






















  • Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
    – user278930
    49 mins ago










  • @user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
    – PerlDuck
    45 mins ago











Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1083469%2fhelp-with-find-command-to-identify-suid-file-please%23new-answer', 'question_page');

);

Post as a guest

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
2
down vote













See this question for an explanation of -perm /mode vs. -perm -mode. I admit, it's not very intuitive, but:



find . -type f -name immersive -user linux -perm -u=sx -ls
# or
find . -type f -name immersive -user linux -perm -4100 -ls


will do as you ask.



The -perm -4100 means: find any file that has 4 (=setuid) set AND 1 (=x) set for the user while ignoring the remaining bits (group and other).



The -perm /4100 on the other hand means: find any file that has EITHER 4 (=setuid) set OR 1 (=x) set for the user (or both) while ignoring the remaining bits.



So /mode will find more files than -mode.



In case it isn't obvious (because I focussed on the -perm flag): the others mean: find a file (-type f) with name immersive owned by user linux. All these conditions are ANDed.






share|improve this answer






















  • Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
    – user278930
    49 mins ago










  • @user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
    – PerlDuck
    45 mins ago















up vote
2
down vote













See this question for an explanation of -perm /mode vs. -perm -mode. I admit, it's not very intuitive, but:



find . -type f -name immersive -user linux -perm -u=sx -ls
# or
find . -type f -name immersive -user linux -perm -4100 -ls


will do as you ask.



The -perm -4100 means: find any file that has 4 (=setuid) set AND 1 (=x) set for the user while ignoring the remaining bits (group and other).



The -perm /4100 on the other hand means: find any file that has EITHER 4 (=setuid) set OR 1 (=x) set for the user (or both) while ignoring the remaining bits.



So /mode will find more files than -mode.



In case it isn't obvious (because I focussed on the -perm flag): the others mean: find a file (-type f) with name immersive owned by user linux. All these conditions are ANDed.






share|improve this answer






















  • Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
    – user278930
    49 mins ago










  • @user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
    – PerlDuck
    45 mins ago













up vote
2
down vote










up vote
2
down vote









See this question for an explanation of -perm /mode vs. -perm -mode. I admit, it's not very intuitive, but:



find . -type f -name immersive -user linux -perm -u=sx -ls
# or
find . -type f -name immersive -user linux -perm -4100 -ls


will do as you ask.



The -perm -4100 means: find any file that has 4 (=setuid) set AND 1 (=x) set for the user while ignoring the remaining bits (group and other).



The -perm /4100 on the other hand means: find any file that has EITHER 4 (=setuid) set OR 1 (=x) set for the user (or both) while ignoring the remaining bits.



So /mode will find more files than -mode.



In case it isn't obvious (because I focussed on the -perm flag): the others mean: find a file (-type f) with name immersive owned by user linux. All these conditions are ANDed.






share|improve this answer














See this question for an explanation of -perm /mode vs. -perm -mode. I admit, it's not very intuitive, but:



find . -type f -name immersive -user linux -perm -u=sx -ls
# or
find . -type f -name immersive -user linux -perm -4100 -ls


will do as you ask.



The -perm -4100 means: find any file that has 4 (=setuid) set AND 1 (=x) set for the user while ignoring the remaining bits (group and other).



The -perm /4100 on the other hand means: find any file that has EITHER 4 (=setuid) set OR 1 (=x) set for the user (or both) while ignoring the remaining bits.



So /mode will find more files than -mode.



In case it isn't obvious (because I focussed on the -perm flag): the others mean: find a file (-type f) with name immersive owned by user linux. All these conditions are ANDed.







share|improve this answer














share|improve this answer



share|improve this answer








edited 1 hour ago

























answered 1 hour ago









PerlDuck

4,20211030




4,20211030











  • Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
    – user278930
    49 mins ago










  • @user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
    – PerlDuck
    45 mins ago

















  • Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
    – user278930
    49 mins ago










  • @user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
    – PerlDuck
    45 mins ago
















Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
– user278930
49 mins ago




Thanks for the explanation of the difference between -perm and /perm. I have tried both of the above commands but still don't find the file I need. The one with -u=sx gives an error of "unknown predicate -u=sx"
– user278930
49 mins ago












@user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
– PerlDuck
45 mins ago





@user278930 Then you forgot the -perm. It must read find … -perm -u=sx … where -u=sx is a parameter to the -perm switch. It looks weird, but is correct. When you drop the -perm then find thinks -u=sx is a switch for find and complains but it is actually the parameter for the -perm switch. Just like linux is the parameter for the -user switch.
– PerlDuck
45 mins ago


















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1083469%2fhelp-with-find-command-to-identify-suid-file-please%23new-answer', 'question_page');

);

Post as a guest
































































Comments

Post a Comment

Popular posts from this blog

Long meetings (6-7 hours a day): Being “babysat” by supervisor

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 31 down vote favorite 4 I hold a PhD in mechanical engineering with a 7 year background in self-guided, self-paced research including 2 years as a graduate level course instructor and a subject matter expert for various engineering projects in a university setting in the United States. For the last 10-11 months, I am working in a research industry in France where my task is to debug C++ spaghetti code written over a period of several years by my current supervisor. It is a team of 2: just I and my supervisor. Diurnally, I am posed with a "bug of the day" to get out of this C++ code. My supervisor generally gives me about 15-30 minutes to solve it and then accosts me about whether or not the task is completed and then rinses and repeats this until the end of the day. Off-late, my supervisor has been holding 6-7 hour long "meetin
Read more

Is the Concept of Multiple Fantasy Races Scientifically Flawed? [closed]

Image
Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite Many fantasy worlds have multiple humanoid species (elves, orcs, humans, etc) living in the same world, in addition to that, they often have the ability to interbreed. And I can't help but question their believability... fantasy-races reproduction interspecies-relations share | improve this question edited Aug 9 at 14:46 Michael Kjörling ♦ 21.1k 10 85 161 asked Aug 9 at 13:13 Chlodio 118 6 closed as unclear what you're asking by MichaelK, Gryphon, John, Vincent, Frostfyre Aug 9 at 15:25 Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question. 3 Stack Exchange exist to
Read more

Confectionery

Image
Prepared foods made with a lot of sugar or other cabohydrates "Sweetmeat" redirects here. For the racehorse, see Sweetmeat (horse). Not to be confused with Sweetbread. This Kransekake is a traditional Scandinavian baker's confection. Confectionery is the art of making confections , which are food items that are rich in sugar and carbohydrates. Exact definitions are difficult. [1] In general, though, confectionery is divided into two broad and somewhat overlapping categories, bakers' confections and sugar confections. [2] Bakers' confectionery, also called flour confections , includes principally sweet pastries, cakes, and similar baked goods. Sugar confectionery includes candies ( sweets in British English), candied nuts, chocolates, chewing gum, bubble gum, pastillage, and other confections that are made primarily of sugar. In some cases, chocolate confections (confections made of chocolate) are treated as a separate category, as are sugar-free versions of
Read more