Re: Security question regarding directory and file permissions
From: Vilmos Soti (vilmos_at_vilmos.org)
Date: 06/06/03
- In reply to: Mhoram: "Security question regarding directory and file permissions"
Date: 05 Jun 2003 22:48:12 -0700
mwathke@netscape.net (Mhoram) writes:
> I create a directory called /test with permissions of 777. Then, as
> user1, I create a file called testfile in that directory. The file
> has permissions of 664, owner is user1, and group is user1. I then
> log in as user2, change to the test directory, and edit the file using
> vi. Vi correctly states that the file is being opened read-only.
> While still in vi, I add a line to the file and try to save it using
> :w to which vi again states that the file is read-only. So far so
> good. But if I save my changes using :w! - vi allows the change.
> When I exit vi and do an ls, the file still has permissions of 664,
> but is now owned by user2 with a group of user2.
The thing is that the directory is 777 w/o the sticky bit set.
Check the chmod manpage (not too long), and look for the section
where it explains the STICKY DIRECTORIES.
I, as a regular user, can easily erase files owned by root
provided they are in a directory which is write-enabled for me.
Go ahead, create a file in your home directory as root, then
erase it as the non-root user. You will succeed.
Vilmos
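
An added illustration, not part of the original post: the Python sketch below shows that replacing a file is a directory operation (a read-only file is swapped out without ever being opened for writing, so it gets a new inode) and audits a tree for directories that are group- or world-writable without the sticky bit. The function names, the temporary paths and the `.new` suffix are assumptions made for this example.

```python
import os
import stat
import tempfile

def others_can_replace_entries(dir_path):
    """True if a non-owner may unlink/rename files here: a group- or
    world-writable directory without the sticky bit."""
    mode = os.stat(dir_path).st_mode
    shared_write = mode & (stat.S_IWGRP | stat.S_IWOTH)
    return bool(shared_write) and not mode & stat.S_ISVTX

def audit(root):
    """List directories under root whose entries other users can replace."""
    return sorted(d for d, _, _ in os.walk(root) if others_can_replace_entries(d))

def replace_via_directory(path, data):
    """Replace path without opening it for writing; only write permission
    on the containing directory is used. Returns (old_inode, new_inode)."""
    old_ino = os.stat(path).st_ino
    tmp = path + ".new"          # constructed temporary name
    with open(tmp, "w") as f:
        f.write(data)
    os.replace(tmp, path)        # rename(2) modifies the directory, not the file
    return old_ino, os.stat(path).st_ino

def demo():
    base = tempfile.mkdtemp()                    # constructed sandbox
    shared = os.path.join(base, "test")          # stands in for /test (777)
    sticky = os.path.join(base, "test_sticky")   # same directory, mode 1777
    for d, mode in ((shared, 0o777), (sticky, 0o1777)):
        os.mkdir(d)
        os.chmod(d, mode)        # explicit chmod: mkdir's mode is cut by umask
    target = os.path.join(shared, "testfile")
    with open(target, "w") as f:
        f.write("original\n")
    os.chmod(target, 0o444)      # read-only, even for its owner
    old_ino, new_ino = replace_via_directory(target, "replaced\n")
    with open(target) as f:
        content = f.read()
    return audit(base), old_ino != new_ino, content, shared

if __name__ == "__main__":
    print(demo())
```

Because the replacement is a newly created file, it belongs to whoever created it, which matches the ownership change reported in the question; only the directory without the sticky bit is reported by `audit`.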