Mailinglist Archive: opensuse (2731 mails)
| < Previous | Next > |
Re: [SLE] file permissions?
- From: Ken Schneider <kschneider@xxxxxxxx>
- Date: Wed, 27 Aug 2003 13:36:05 -0400
- Message-id: <1062005765.24049.15.camel@xxxxxxxxxxxx>
On Wed, 2003-08-27 at 13:25, zentara wrote:
> On Wed, 27 Aug 2003 13:05:52 -0400
> Mark Hounschell <dmarkh@xxxxxxxxxx> wrote:
>
> >zentara wrote:
> >>
> >> On Wed, 27 Aug 2003 12:28:57 -0400
> >> Mark Hounschell <dmarkh@xxxxxxxxxx> wrote:
> >>
> >> >I have a file
> >> >-rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
> >> >
> >> >As a regular user I edit the file. Make some changes and write it back.
> >> >Now the file is
> >> >-rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
> >> >
> >> >Am I missing something? Why was I able to write the file? Why was its
> >> >owner and project changed from root to the users? Do the directory
> >> >permissions override the file permissions? I must be missing
> >> >something????
> >>
> >> A user can COPY and edit and save a file owned by root, but the result
> >> is a file owned by the user.
> >> You didn't change root's file. You made a copy owned by you.
> >>
> >
> >I must still be missing something. It is in fact the same file. It was
> >owned by root
> >now it is owned by markh?? I made no copy. It is the same file.
> >
> >Doesn't
> >-rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
> >mean it is owned by root?
>
> Yeah, but in your example above you say the file is:
> -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
>
> that is owned by you.
>
> You must be making a copy somehow. My machine will not let me do
> what you claim. If your system, lets you overwrite a root-owned file
> by a user, then you have a "hacked system", better reinstall.
>
> On my system, if I try to edit a root file as a user, when I try to save, it
> asks for a different filename, it won't overwrite the same file unless I own it.
>
Another thing to check is -your- UID. I have read on this list where
some of the users are setting their UID to the same as root's, a no-no
in my book. That would alow you to modify root owned files.
--
Ken Schneider
unix user since 1989
linux user since 1994
SuSE user since 1998
> On Wed, 27 Aug 2003 13:05:52 -0400
> Mark Hounschell <dmarkh@xxxxxxxxxx> wrote:
>
> >zentara wrote:
> >>
> >> On Wed, 27 Aug 2003 12:28:57 -0400
> >> Mark Hounschell <dmarkh@xxxxxxxxxx> wrote:
> >>
> >> >I have a file
> >> >-rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
> >> >
> >> >As a regular user I edit the file. Make some changes and write it back.
> >> >Now the file is
> >> >-rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
> >> >
> >> >Am I missing something? Why was I able to write the file? Why was its
> >> >owner and project changed from root to the users? Do the directory
> >> >permissions override the file permissions? I must be missing
> >> >something????
> >>
> >> A user can COPY and edit and save a file owned by root, but the result
> >> is a file owned by the user.
> >> You didn't change root's file. You made a copy owned by you.
> >>
> >
> >I must still be missing something. It is in fact the same file. It was
> >owned by root
> >now it is owned by markh?? I made no copy. It is the same file.
> >
> >Doesn't
> >-rw-r--r-- 1 root root 149811 2003-08-07 17:49 xx
> >mean it is owned by root?
>
> Yeah, but in your example above you say the file is:
> -rw-r--r-- 1 markh users 149811 2003-08-27 12:23 xx
>
> that is owned by you.
>
> You must be making a copy somehow. My machine will not let me do
> what you claim. If your system, lets you overwrite a root-owned file
> by a user, then you have a "hacked system", better reinstall.
>
> On my system, if I try to edit a root file as a user, when I try to save, it
> asks for a different filename, it won't overwrite the same file unless I own it.
>
Another thing to check is -your- UID. I have read on this list where
some of the users are setting their UID to the same as root's, a no-no
in my book. That would alow you to modify root owned files.
--
Ken Schneider
unix user since 1989
linux user since 1994
SuSE user since 1998
| < Previous | Next > |