Hacker News new | ask | show | jobs
by devmonk 5685 days ago
But a find on root takes a lot of time in some cases, during which the attacker could be compromised. And the scripts might not use it for that reason. The script could use it as a backup only if the standard one doesn't exist, but still, it is a bump in the road, and might be worth it to cause the script to use find and delay it.
1 comments
dionysiac 5684 days ago
Hence the -maxdepth 3 param:

  # time find / -maxdepth 3 -perm -7 -type d -print
  /tmp
  /var/tmp

  real    0m0.034s
  user    0m0.005s
  sys     0m0.028s
This was run on a pretty anemic VPS. Might have to up the depth to 4 if it doesn't return anything, but IMO that's pretty unlikely.
link