> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of David.Knight@xxxxxxxxxxxx
> Sent: Thursday, April 14, 2005 3:19 PM
> To: General Red Hat Linux discussion list
> Cc: General Red Hat Linux discussion list; redhat-list-bounces@xxxxxxxxxx
> Subject: RE: why can I write to a file I don't have perms to??
>
> Hummm, I'm sure that it is supposed to work this way but I don't understand
> why. This is a much weaker security model than any Unix filesystem
> standards.

Works exactly the same way on Solaris, etc.

>
> "Tobias Speckbacher" <TSpeckbacher@xxxxxxxxx>
> Sent by: redhat-list-bounces@xxxxxxxxxx
> 04/14/2005 05:17 PM
> Please respond to General Red Hat Linux discussion list
>
> To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx>
> cc:
> Subject: RE: why can I write to a file I don't have perms to??
>
> > -----Original Message-----
> > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of David.Knight@xxxxxxxxxxxx
> > Sent: Thursday, April 14, 2005 2:59 PM
> > To: General Red Hat Linux discussion list
> > Cc: redhat-list@xxxxxxxxxx; redhat-list-bounces@xxxxxxxxxx
> > Subject: Re: why can I write to a file I don't have perms to??
> >
> > David.Knight@xxxxxxxxxxxx
> > Sent by: redhat-list-bounces@xxxxxxxxxx
> > 04/14/2005 04:56 PM
> > Please respond to General Red Hat Linux discussion list
> >
> > To: redhat-list@xxxxxxxxxx
> > cc:
> > Subject: why can I write to a file I don't own??
> >
> > RedHat List,
> > I was working on a script the other day and ran into an anomaly
> > with the file permissions on files. I have checked this on several ES
> > servers and all produce the same results. Say a file has the following
> > perms: 644 and its owner and group are root:root. As long as a user has
> > write permissions to the directory it is in they can write to it.
>
> This is how it is supposed to work.
>
> > not only that the UID:GID change to that user. I am running ext3 file systems
> > with kernel 2.4.21-20.ELsmp. So my question is
> >
> > 1) why is this allowed?
> > 2) can I change this?
>
> yes create a directory as root and set the sticky bit on it, deposit the
> file you want to protect inside this directory.
> This should prevent the user from messing with the files.
>
> http://www.linuxdevcenter.com/pub/a/linux/lpt/22_06.html
>
> > # pwd
> > /home/test_dir
> > # rm test.fil
> > # pwd
> > /home/test_dir
> > # ls -ld .
> > drwxr-xr-x 2 user7 root 4096 Apr 14 16:56 .
> > # id
> > uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> > # echo "test from root" > test.fil
> > # ls -l test.fil
> > -rw-r--r-- 1 root root 15 Apr 14 16:57 test.fil
> > # su - user7
> > $vi test.fil
> > $ ls -l test.fil
> > -rw-r--r-- 1 user7 user7 31 Apr 14 16:57 test.fil
> > $ cat test.fil
> > test from root
> > test from uset7
> >
> > However it doesn't let you echo "test from user7" > ./test.fil. it
> > responds correctly......
> > Any thoughts on this would be great.
> > -David Knight
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
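
The behaviour discussed in this thread, as an added example that is not part of the original messages: replacing a file needs write permission on its directory, not on the file, and the replacement is a new inode owned by whoever created it. The function names are hypothetical, the sample data is constructed, and GNU stat and mktemp are assumed.

```shell
#!/bin/sh
# Added example (constructed): function names are hypothetical.
# Assumes GNU stat and mktemp, as found on Red Hat systems.

# Replace PATH with new content without ever opening the old file for
# writing: create a sibling file and rename it over the old name. Only
# write+search permission on the directory is needed, and the new file
# belongs to whoever ran this. Prints "old_inode new_inode".
replace_file() (
    path=$1; text=$2
    dir=$(dirname "$path")
    old=$(stat -c '%i' "$path") || exit 1
    tmp=$(mktemp "$dir/.new.XXXXXX") || exit 1
    printf '%s\n' "$text" > "$tmp" || exit 1
    mv -f "$tmp" "$path" || exit 1
    echo "$old $(stat -c '%i' "$path")"
)

# Classify who may unlink or rename entries in DIR from its mode bits.
dir_policy() (
    mode=$(stat -c '%a' "$1") || exit 1       # octal string, e.g. 755 or 1777
    if [ $((0$mode & 01000)) -ne 0 ]; then
        echo sticky               # only the file's owner, the dir's owner, or root
    elif [ $((0$mode & 0022)) -ne 0 ]; then
        echo shared-unrestricted  # any group/other writer can replace any file
    else
        echo dir-owner-only       # the directory's owner can replace any file
    fi
)

# Constructed demo in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    echo "test from root" > "$d/test.fil"
    chmod 444 "$d/test.fil"                   # no write bit on the file at all
    echo "inodes before/after: $(replace_file "$d/test.fil" "test from user7")"
    echo "content now: $(cat "$d/test.fil")"
    echo "policy at 755:  $(dir_policy "$d")"
    chmod 1777 "$d"
    echo "policy at 1777: $(dir_policy "$d")"
    rm -rf "$d"
}
demo
```

The directory in the quoted session is drwxr-xr-x and owned by user7, which dir_policy reports as dir-owner-only: user7 can replace any file in it whatever the file's own mode says.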