From: mru@users.sourceforge.net (Måns Rullgård)
To: linux-kernel@vger.kernel.org
Subject: Re: File Permissions are incorrect. Security flaw in Linux
Date: Wed, 01 Oct 2003 15:08:28 +0200 [thread overview]
Message-ID: <yw1x65j9m7g3.fsf@users.sourceforge.net> (raw)
In-Reply-To: 1065012013.4078.2.camel@lisaserver
"Lisa R. Nelson" <lisanels@cableone.net> writes:
> [1.] One line summary of the problem:
> A low level user can delete a file owned by root and belonging to group
> root even if the files permissions are 744. This is not in agreement
> with Unix, and is a major security issue.
>
> [2.] Full description of the problem/report:
> Permissions on a file basis take precedence over directory
> permissions (for most cases), but in Linux they do not. In order to
> secure a file, you have to secure the directory which effects all files
> within it.
> As user 'lisa', I do all my work on my server. One task is to move
> pictures from my digital camera to my server picture directory that is
> wide open to everyone. All users can create sub-folders and put
> pictures in there. But every hour I have a cron job run that changes
> the ownership to root, and sets the permissions to 644 on all files in
> that directory structure. Thinking the files could no longer be altered
> by anyone but root (as would be the case in unix), and found anyone
> could delete them. That's when I discovered this major bug.
This is not a bug. Deleting a file is in effect a modification to the
directory containing the file, not to the file itself. If the file
has a hard link in another directory, it will still remain there,
unmodified. If you want only the owner of a file to be able to delete
it, set the sticky bit on the directory containing it, like this:
chmod 1777 /the/dir
This is commonly used on /tmp. It is also the all Unix systems I've
been using work.
--
Måns Rullgård
mru@users.sf.net
next prev parent reply other threads:[~2003-10-01 13:08 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-01 12:40 File Permissions are incorrect. Security flaw in Linux Lisa R. Nelson
2003-10-01 13:08 ` Måns Rullgård [this message]
2003-10-01 13:08 ` Mathieu Chouquet-Stringer
2003-10-01 13:23 ` viro
[not found] ` <1065017722.2995.10.camel@localhost.localdomain>
2003-10-01 15:40 ` viro
2003-10-01 19:27 ` DervishD
2003-10-01 13:53 ` Jurjen Oskam
2003-10-01 14:09 ` Richard B. Johnson
2003-10-01 14:22 ` Andreas Schwab
2003-10-01 15:01 ` John Bradford
2003-10-01 13:58 ` Felipe Alfaro Solana
2003-10-01 14:21 ` DervishD
[not found] ` <1065044031.2158.23.camel@wynken.reefedge.com>
2003-10-01 14:37 ` Lisa R. Nelson
2003-10-01 15:11 ` Bas Mevissen
2003-10-01 15:12 ` Randy.Dunlap
2003-10-01 16:08 ` Richard B. Johnson
2003-10-01 19:21 ` DervishD
2003-10-01 20:30 ` viro
2003-10-01 17:23 ` Brett
2003-10-01 19:24 ` DervishD
2003-10-02 10:32 ` Christian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=yw1x65j9m7g3.fsf@users.sourceforge.net \
--to=mru@users.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.