Re: ACL Question: normal user howto restrict root's permition ?

• Previous message: Roberto Gallo: "gdm, "Authentication failed" and gblic"
• In reply to: Skywind: "ACL Question: normal user howto restrict root's permition ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 19 Nov 2004 17:50:09 -0500

Skywind wrote:
> normal users how to restrict root permition of a file(own by normal user)?

Everyone else seems to have covered it well (considering that root can
overwrite permissions on files...), but I thought I'd put forth some ways
of making it *look* like root doesn't have permission, by making it
un-intuitively hard to read the files:

You can hide filenames, by giving them weird names:

  touch `echo -ne '.\001'`;

COUNTERS: 1) 'ls -a -b'. 2) using a gui with view hidden files

You can also give it annoying names like ones starting with a dash so it is
hard to read. The following is useful because most GNU commands are
confused by the appearance of a dash and think the name is actually an
option.

  cat < 'file' > '-tmp'

COUNTERS: cat < '-tmp'

Hide it in memory:

perl -e '@lines=`cat tmp.c`; system "rm", "tmp.c"; <STDIN>; open TMP,
">tmp.c"; print TMP @lines;'

COUNTERS: Punish the user by rebooting the system.

If you don't care about the contents:

ln -s 1 2; ln -s 2 1; cat 1;

Or just,

ln -s 1 2; rm 2; cat 1;

COUNTERS: rm the links

Get rid of the file, for crying out loud.

COUNTER: usermod -L luser

How about, constantly change its name? mktemp would be useful here!

Jon.

-- * Does the walker choose the path, or does the path choose the walker?
(fr. Sabriel) * --

• Previous message: Roberto Gallo: "gdm, "Authentication failed" and gblic"
• In reply to: Skywind: "ACL Question: normal user howto restrict root's permition ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]