Re: Negative permissions WITHOUT ACLs
- From: Kevin Buhr <buhr+un@xxxxxxxxxxx>
- Date: Thu, 12 Oct 2006 17:17:53 GMT
"Starfish" <frel8817@xxxxxxxxxxxxx> writes:
Here goes: How do you specify negative permission¹ in Unix/Linux
without using ACLs?
¹E.g. saying that the user "Ellen" should not have write access to a
file regardless of the permissions given to her groups.
On my machine, I am the only member of group "buhr". If there's a
file, owned by anyone besides "buhr", with the following permissions:
-rw----r-- 1 root buhr 5 2006-10-12 11:56 buhr_cant_access
then everyone can read it except me.
Unfortunately, the standard Unix permissions system hasn't really been
designed with this usage kept clearly in mind, so there may be ways
for users to manipulate their effective, real, and supplementary group
memberships (with the help of bugs in setgid programs, perhaps) in
such a way as to drop group membership and work around the protection.
Also, at least one easy attack comes to mind: hard links made to the
"unreadable" file from under "~buhr/public_html/" or a public FTP
space would likely make the file readable through the web or FTP
server. I assume exclusionary ACLs would suffer from the same
problems, though.
--
Kevin <buhr@xxxxxxxxxxx>
.
- References:
- Negative permissions WITHOUT ACLs
- From: Starfish
- Negative permissions WITHOUT ACLs
- Prev by Date: Any TLS 1.1 servers out there?
- Next by Date: Utimaco Safeguard Easy vulnerability
- Previous by thread: Re: Negative permissions WITHOUT ACLs
- Next by thread: Re: DRM and pdf
- Index(es):
Relevant Pages
|
|
