ConfigServer Community Forum

I got users with scripts that are chmoding themselves as 777.
Others uploading them this way.
Anyway for whatever reason, there are directories with 777 permissions.

I don't really care, cagefs does the work well. But what concerns me is cxswatch.
I may get ~500 mails per day per server that is 4000 mails in a day only
for warnings about world writable directories.

HOW I can stop cxswatch from informing me about these directories ?
Really stop it. I got a filter to thrash them but that's not the solution.
Servers sending thousands of mails, mails in queue every day, raping the server just because of this.

This for example is only for today until now for one server:
(618 mails in 12 hours from 1 server)
http://infected.gr/writeable.png

The best thing to do would be to fix whatever script is creating world writable diretories, as there is an inherent security risk in these directories. If you can't do that and want to stop these alerts there are two options:

1. Configure cxs to not scan for world writable directories by specifying "--options -w" in your cxs command line in the cxswatch.sh script. This will configure cxswatch to scan for all the normal default file types except for world writable directories. You may want to set up a scheduled scan (if you do not have one already) that includes the w option to check for world writable directories periodically.

2. Use an ignore file to configure cxswatch to ignore the directory or directories containing these world-writable directories. See the documentation for the --ignore option and the file /etc/cxs/cxs.ignore.example for more information.