When you execute chmod -R 777 /, you're recursively granting read, write, and execute permissions to all users (owner, group, others) on every file and directory starting from the root (/). This includes:
- System binaries in
/bin,/sbin - Configuration files in
/etc - Temporary directories like
/tmp - Even device files in
/dev
Linux relies on file permissions for:
# Example of critical system files that MUST remain restricted:
-rw------- 1 root root /etc/shadow # Contains password hashes
-rwsr-xr-x 1 root root /bin/su # SUID binary
crw-rw---- 1 root root /dev/sda # Direct disk accessWhen these lose their protections:
- SUID/SGID binaries become security holes (any user can modify them)
- Service accounts (like www-data) gain root-equivalent access
- Package managers fail because they verify file permissions
Imagine a web server where:
# Before chmod:
drwxr-x--- 5 root www-data /var/www
# After chmod:
drwxrwxrwx 5 root www-data /var/wwwNow any process can:
- Modify PHP files to inject malware
- Tamper with session files
- Overwrite log files to hide attacks
Modern Linux systems use permission-aware daemons:
// Example from systemd source (simplified):
if (stat("/etc/systemd/system", &st) == -1) {
log_error("Permissions too open");
exit(EXIT_FAILURE);
}Common failure modes include:
| Service | Failure Reason |
|---|---|
| SSH | Refuses to start if ~/.ssh has world-writable permissions |
| MySQL | Aborts if data directory permissions are insecure |
While a full reinstall is recommended, for critical systems you might:
# 1. Reset permissions for core directories
find / -type d -exec chmod 755 {} \;
find / -type f -exec chmod 644 {} \;
# 2. Special cases (run as root)
chmod 700 /root /etc/shadow
chmod 4755 /bin/su /usr/bin/sudoThen verify with:
# Check for world-writable files
find / -perm -2 ! -type l -lsWhen you execute chmod -R 777 /, you're recursively granting read, write, and execute permissions to every user and process on the system for all files and directories starting from the root (/). This includes:
- Critical system binaries (/bin, /sbin)
- Configuration files (/etc)
- Temporary directories (/tmp)
- Home directories (/home)
- Device files (/dev)
Linux relies on file permissions for:
- Security isolation: Many services run as specific users with limited permissions
- System integrity: Critical files should only be modified by root or specific system users
- Process behavior: Some programs check permissions before operating
Example of a broken scenario:
$ sudo chmod -R 777 /
$ sudo su -
# ls -l /etc/shadow
-rwxrwxrwx 1 root root 1234 Jan 1 00:00 /etc/shadow # Now world-writable!
SSH Daemon often fails because it checks that key files have strict permissions:
$ tail /var/log/auth.log
sshd[1234]: Bad permissions for /etc/ssh/ssh_host_rsa_key
sshd[1234]: Authentication refused: bad ownership or modes
SUID binaries like passwd become security risks when world-writable:
$ ls -l /usr/bin/passwd
-rwsrwxrwx 1 root root 59976 Nov 24 2022 /usr/bin/passwd
There's no perfect way to restore original permissions because:
- System packages don't track original permission states
- Many files are created dynamically during operation
- Permission inheritance gets broken
Partial recovery attempt (not recommended for production):
# For Debian/Ubuntu systems
find / -type d -exec chmod 755 {} \;
find / -type f -exec chmod 644 {} \;
# Then reinstall critical packages
apt-get --reinstall install `dpkg -S /bin /sbin /usr/bin /usr/sbin | cut -d: -f1`
Always:
- Double-check paths before recursive operations
- Use
--preserve-rootflag (default in modern chmod) - Consider using
setfaclfor complex permission needs
Example safer alternative:
# Instead of 777:
chmod -R u=rwX,g=rX,o=rX /path/to/dir
find /path/to/dir -type d -exec chmod 755 {} \;