Security considerations for find

Read about the security considerations for find. Find is a *nix tool for searching though directories for files and filtering them to build lists or run commands.

While I’m here I might as well show you my latest find command, I think it’s a beauty. :)

sudo find . \
  \( \( \( \! -user jj5 \) -or \( \! -group jj5 \) \) \
    -execdir chown jj5:jj5 '{}' \+ \) , \
  \( \( -type d \( \! -perm -u+rwx \) \) \
    -execdir chmod u+rwx '{}' \+ \) , \
  \( \( -type f \( \! -perm -u+rw \) \) \
    -execdir chmod u+rw '{}' \+ \)

Unix command to format a number of bytes as a human readable value

It took me a while, but I finally figured out how to print a number from a bash script properly formatted with commas as thousand’s separators. For those like me who weren’t in the know, the magical incantation is:

  printf "%'d" 123456

That will format 123456 as 123,456. Much easier to read when you’re dealing with large numbers such as the sizes of files in gigabytes.

So now if I could only find the Unix command that took a number of bytes and turned it into an approximate value with GB or MB suffixes.


I learned about the ‘tr’ Unix command today. It’s for translating text in streams. The particular example was:

  echo | tr '012' '001'

And I didn’t really understand what that did, but now I do. Basically the ‘echo’ part will echo a new line character, which is octal 012. Then tr will read its input stream and read that new line. It then has a rule to translate 012 (new line) to 001 (Ctrl+A), which it does. So basically it’s just a way of getting a Ctrl+A character in a stream. If you use Ctrl+A as your regular expression delimiter you’re unlikely to have a collision in the expression itself.