Basic Security question about directory path
From: John Earl (john.earl_at_powertech.com)
Date: 07/28/05
- Previous message: Kristine Amari: "Re: Packet analysis and protocol analysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 27 Jul 2005 18:12:21 -0700 To: <security-basics@lists.securityfocus.com>
This seems like a very basic security question, and I _believe_ I
already know the answer, but I am in a debate with a large software
company about what is the correct security requirement for a path
prefix, so I'm looking for second opinions...
The question is this; In a standard Unix (or POSIX really) setup, what
authority does a user require to traverse a directory path in order to
read a file from a subdirectory?
For example, if user "FRED" wishes to read file "myfile"
from location "/dir1/dir2/" (so that the full path name is
(/dir1/dir2/myfile"), should user "FRED" need just "x" access to the
root and "dir1" or should user FRED need "rx" access to the root and
"dir1". The goal is both to read the contents of "myfile", but also to
give the user the lowest amount of authority necessary to complete the
task.
Any insight you have on this would be greatly appreciated.
Thank You,
jte
-- John Earl The PowerTech Group Seattle, WA www.powertech.com This email message and any attachments are intended only for the use of the intended recipients and may contain information that is privileged and confidential. If you are not the intended recipient, any dissemination, distribution, or copying is strictly prohibited. If you received this email message in error, please immediately notify the sender by replying to this email message, or by telephone, and delete the message from your email system. --
- Previous message: Kristine Amari: "Re: Packet analysis and protocol analysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
