I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something???? Regards Mark
On Wed, 27 Aug 2003 12:28:57 -0400
Mark Hounschell
I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
A user can COPY and edit and save a file owned by root, but the result is a file owned by the user. You didn't change root's file. You made a copy owned by you. -- I'm not really a human, but I play one on earth.
zentara wrote:
On Wed, 27 Aug 2003 12:28:57 -0400 Mark Hounschell
wrote: I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
A user can COPY and edit and save a file owned by root, but the result is a file owned by the user. You didn't change root's file. You made a copy owned by you.
I must still be missing something. It is in fact the same file. It was owned by root now it is owned by markh?? I made no copy. It is the same file. Doesn't -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx mean it is owned by root? ??? Mark
On Wed, 2003-08-27 at 13:05, Mark Hounschell wrote:
zentara wrote:
On Wed, 27 Aug 2003 12:28:57 -0400 Mark Hounschell
wrote: I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
A user can COPY and edit and save a file owned by root, but the result is a file owned by the user. You didn't change root's file. You made a copy owned by you.
I must still be missing something. It is in fact the same file. It was owned by root now it is owned by markh?? I made no copy. It is the same file.
Doesn't -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx mean it is owned by root?
??? Mark
What editor are you using? I bet it does something like: read orig file into ram edit ram copy rename orig file *.old create new file delete *.old One way to tell is to look at the inode number, not the filename. ls -i will give you the inode number. See if it changes or is the same before and after the edit. If it does work like I describe above, the only real fix is to set the permissions on the directory. Directory permissions control things like delete and rename. Greg -- Greg Freemyer
On Wed, 27 Aug 2003 13:05:52 -0400
Mark Hounschell
zentara wrote:
On Wed, 27 Aug 2003 12:28:57 -0400 Mark Hounschell
wrote: I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
A user can COPY and edit and save a file owned by root, but the result is a file owned by the user. You didn't change root's file. You made a copy owned by you.
I must still be missing something. It is in fact the same file. It was owned by root now it is owned by markh?? I made no copy. It is the same file.
Doesn't -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx mean it is owned by root?
Yeah, but in your example above you say the file is: -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx that is owned by you. You must be making a copy somehow. My machine will not let me do what you claim. If your system, lets you overwrite a root-owned file by a user, then you have a "hacked system", better reinstall. On my system, if I try to edit a root file as a user, when I try to save, it asks for a different filename, it won't overwrite the same file unless I own it. -- I'm not really a human, but I play one on earth.
On Wed, 2003-08-27 at 13:25, zentara wrote:
On Wed, 27 Aug 2003 13:05:52 -0400 Mark Hounschell
wrote: zentara wrote:
On Wed, 27 Aug 2003 12:28:57 -0400 Mark Hounschell
wrote: I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
A user can COPY and edit and save a file owned by root, but the result is a file owned by the user. You didn't change root's file. You made a copy owned by you.
I must still be missing something. It is in fact the same file. It was owned by root now it is owned by markh?? I made no copy. It is the same file.
Doesn't -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx mean it is owned by root?
Yeah, but in your example above you say the file is: -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
that is owned by you.
You must be making a copy somehow. My machine will not let me do what you claim. If your system, lets you overwrite a root-owned file by a user, then you have a "hacked system", better reinstall.
On my system, if I try to edit a root file as a user, when I try to save, it asks for a different filename, it won't overwrite the same file unless I own it.
Another thing to check is -your- UID. I have read on this list where some of the users are setting their UID to the same as root's, a no-no in my book. That would alow you to modify root owned files. -- Ken Schneider unix user since 1989 linux user since 1994 SuSE user since 1998
Mark Hounschell wrote:
zentara wrote:
On Wed, 27 Aug 2003 12:28:57 -0400 Mark Hounschell
wrote: I have a file -rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
As a regular user I edit the file. Make some changes and write it back. Now the file is -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
Am I missing something? Why was I able to write the file? Why was its owner and project changed from root to the users? Do the directory permissions override the file permissions? I must be missing something????
Ok let me clearify exactly what to do to see this "anomaly" In your home directory, as you (markh) create a file. touch /home/markh/xx then: ls -al /home/markh/xx -rw-r--r-- 1 markh users 0 2003-08-27 12:23 /home/markh/xx Ok the file is owned by me... then as root: chown root /home/markh/xx chgrp root /home/markh/xx then ^d to leave root then ls -al /home/markh/xx -rw-r--r-- 1 root root 0 2003-08-27 12:23 /home/markh/xx Ok the file is now owned by root no? Now as user (markh) use vi to edit the file. enter some text and write it back. You will have to use :w! command. The write should fail but does not. The file is now owned by markh again. ls -al /home/markh/xx -rw-r--r-- 1 markh users 22 2003-08-27 15:12 /home/markh/xx And no my machine has not been hacked. Also I have 3 machines here now and more at work all running 8.2 that do the same thing. ?????? Still confused Mark
On Wed, 27 Aug 2003 15:16:47 -0400
Mark Hounschell
Ok let me clearify exactly what to do to see this "anomaly"
In your home directory, as you (markh) create a file.
touch /home/markh/xx
then: ls -al /home/markh/xx -rw-r--r-- 1 markh users 0 2003-08-27 12:23 /home/markh/xx Ok the file is owned by me...
Fine so far.
then as root: chown root /home/markh/xx chgrp root /home/markh/xx then ^d to leave root
Ok but you are doing this as root. Root can alter anyone's files.
then ls -al /home/markh/xx -rw-r--r-- 1 root root 0 2003-08-27 12:23 /home/markh/xx
Ok the file is now owned by root no?
Yep. Everything is the same on my machine.
Now as user (markh) use vi to edit the file. enter some text and write it back. You will have to use :w! command. The write should fail but does not.
This is where my machine differs. My file is now owned by root:root, and if I open it with vi as user zentara:user, vi says it is opened "readonly". "zz" [readonly] 0L, 0C The only thing I can think is happening is that you may still be in the root shell when you start vi. I would be very unhappy if my system did what your's is doing. I can see why you are baffled. I'm using fvwm2, maybe some others can test your procedure, but I'm afraid they will get the same results as me. Something has got to be wrong in your system. I would guess that markh is in the /etc/sudoers listed as root for vi. -- I'm not really a human, but I play one on earth.
Fascinating. I just followed your instructions below and... sure enough... the same thing happened. It DOES indeed overwrite and change ownership of the pre-existing file! That does not make me happy! Rick On Wed, 2003-08-27 at 15:16, Mark Hounschell wrote:
Ok let me clearify exactly what to do to see this "anomaly"
In your home directory, as you (markh) create a file.
touch /home/markh/xx
then: ls -al /home/markh/xx -rw-r--r-- 1 markh users 0 2003-08-27 12:23 /home/markh/xx Ok the file is owned by me...
then as root: chown root /home/markh/xx chgrp root /home/markh/xx then ^d to leave root
then ls -al /home/markh/xx -rw-r--r-- 1 root root 0 2003-08-27 12:23 /home/markh/xx
Ok the file is now owned by root no?
Now as user (markh) use vi to edit the file. enter some text and write it back. You will have to use :w! command. The write should fail but does not.
The file is now owned by markh again.
ls -al /home/markh/xx -rw-r--r-- 1 markh users 22 2003-08-27 15:12 /home/markh/xx
I followed Mark's instructions and had the same result he did. As you say, vi says the file is opened "readonly". However, within vi, when I press "i" to insert, vi then says, "W10: Warning: Changing a readonly file". Then when I do ":w!", it writes it out, changing the ownership in the process. Did you go so far as to actually try to write it out??? Rick On Wed, 2003-08-27 at 16:18, zentara wrote:
Now as user (markh) use vi to edit the file. enter some text and write it back. You will have to use :w! command. The write should fail but does not.
This is where my machine differs. My file is now owned by root:root, and if I open it with vi as user zentara:user, vi says it is opened "readonly". "zz" [readonly] 0L, 0C
The only thing I can think is happening is that you may still be in the root shell when you start vi. I would be very unhappy if my system did what your's is doing. I can see why you are baffled.
I'm using fvwm2, maybe some others can test your procedure, but I'm afraid they will get the same results as me.
Something has got to be wrong in your system. I would guess that markh is in the /etc/sudoers listed as root for vi.
On Wed, 27 Aug 2003 16:33:52 -0400
Rick Friedman
I followed Mark's instructions and had the same result he did.
As you say, vi says the file is opened "readonly". However, within vi, when I press "i" to insert, vi then says, "W10: Warning: Changing a readonly file". Then when I do ":w!", it writes it out, changing the ownership in the process.
Did you go so far as to actually try to write it out???
Ok, I see what is happening, it has to do with directory permissions. It did like you said, it wrote the file and changed permissions to user:users. But this is what is happening. The owner of a directory (you in your homedir) has the right to delete any file in it. So what vi does is open the file owned by root, and when you try to save it, it deletes the root file, and creates a new one owned by user:users. Try the same thing with /home/xx instead of /home/markh/xx vi will not let you save it, because /home is owned by root. -- I'm not really a human, but I play one on earth.
participants (5)
-
Greg Freemyer
-
Ken Schneider
-
Mark Hounschell
-
Rick Friedman
-
zentara