> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]On Behalf Of Tobias Speckbacher
> Sent: Thursday, April 14, 2005 3:27 PM
> To: General Red Hat Linux discussion list
> Subject: RE: why can I write to a file I don't have perms to??
>
> > -----Original Message-----
> > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]On Behalf Of David.Knight@xxxxxxxxxxxx
> > Sent: Thursday, April 14, 2005 3:19 PM
> > To: General Red Hat Linux discussion list
> > Cc: General Red Hat Linux discussion list; redhat-list-bounces@xxxxxxxxxx
> > Subject: RE: why can I write to a file I don't have perms to??
> >
> > Hummm, I'm sure that it is supposed to work this way but I don't understand
> > why. This is a much weaker security model than any Unix filesystem
> > standards.
>
> Works exactly the same way on Solaris, etc.

I take that back, sticky does serve the same purpose though, although it does not seem to apply in the context you stated on Solaris.

> > "Tobias Speckbacher" <TSpeckbacher@xxxxxxxxx>
> > Sent by: redhat-list-bounces@xxxxxxxxxx
> > 04/14/2005 05:17 PM
> > Please respond to General Red Hat Linux discussion list
> >
> > To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx>
> > cc:
> > Subject: RE: why can I write to a file I don't have perms to??
> >
> > > -----Original Message-----
> > > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]On Behalf Of David.Knight@xxxxxxxxxxxx
> > > Sent: Thursday, April 14, 2005 2:59 PM
> > > To: General Red Hat Linux discussion list
> > > Cc: redhat-list@xxxxxxxxxx; redhat-list-bounces@xxxxxxxxxx
> > > Subject: Re: why can I write to a file I don't have perms to??
> > >
> > > David.Knight@xxxxxxxxxxxx
> > > Sent by: redhat-list-bounces@xxxxxxxxxx
> > > 04/14/2005 04:56 PM
> > > Please respond to General Red Hat Linux discussion list
> > >
> > > To: redhat-list@xxxxxxxxxx
> > > cc:
> > > Subject: why can I write to a file I don't own??
> > >
> > > RedHat List,
> > > I was working on a script the other day and ran into an anomaly
> > > with the file permissions on files. I have checked this on several ES
> > > servers and all produce the same results. Say a file has the following
> > > perms: 644 and its owner and group are root:root. As long as a user has
> > > write permissions to the directory it is in they can write to it.
> >
> > This is how it is supposed to work.
> >
> > > Not only that, the UID:GID change to that user. I am running ext3 file systems
> > > with kernel 2.4.21-20.ELsmp. So my question is
> > >
> > > 1) why is this allowed?
> > > 2) can I change this?
> >
> > Yes, create a directory as root and set the sticky bit on it, deposit the
> > file you want to protect inside this directory.
> > This should prevent the user from messing with the files.
> >
> > http://www.linuxdevcenter.com/pub/a/linux/lpt/22_06.html
> >
> > > # pwd
> > > /home/test_dir
> > > # rm test.fil
> > > # pwd
> > > /home/test_dir
> > > # ls -ld .
> > > drwxr-xr-x 2 user7 root 4096 Apr 14 16:56 .
> > > # id
> > > uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> > > # echo "test from root" > test.fil
> > > # ls -l test.fil
> > > -rw-r--r-- 1 root root 15 Apr 14 16:57 test.fil
> > > # su - user7
> > > $vi test.fil
> > > $ ls -l test.fil
> > > -rw-r--r-- 1 user7 user7 31 Apr 14 16:57 test.fil
> > > $ cat test.fil
> > > test from root
> > > test from uset7
> > >
> > > However it doesn't let you echo "test from user7" > > ./test.fil. It
> > > responds correctly......
> > > Any thoughts on this would be great.
> > > -David Knight
> > >
> > > --
> > > redhat-list mailing list
> > > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list