From: mru@users.sourceforge.net (Måns Rullgård)
To: linux-kernel@vger.kernel.org
Subject: Re: File Permissions are incorrect. Security flaw in Linux
Date: Wed, 01 Oct 2003 15:08:28 +0200 [thread overview]
Message-ID: <yw1x65j9m7g3.fsf@users.sourceforge.net> (raw)
In-Reply-To: 1065012013.4078.2.camel@lisaserver
"Lisa R. Nelson" <lisanels@cableone.net> writes:
> [1.] One line summary of the problem:
> A low level user can delete a file owned by root and belonging to group
> root even if the files permissions are 744. This is not in agreement
> with Unix, and is a major security issue.
>
> [2.] Full description of the problem/report:
> Permissions on a file basis take precedence over directory
> permissions (for most cases), but in Linux they do not. In order to
> secure a file, you have to secure the directory which effects all files
> within it.
> As user 'lisa', I do all my work on my server. One task is to move
> pictures from my digital camera to my server picture directory that is
> wide open to everyone. All users can create sub-folders and put
> pictures in there. But every hour I have a cron job run that changes
> the ownership to root, and sets the permissions to 644 on all files in
> that directory structure. Thinking the files could no longer be altered
> by anyone but root (as would be the case in unix), and found anyone
> could delete them. That's when I discovered this major bug.
This is not a bug. Deleting a file is in effect a modification to the
directory containing the file, not to the file itself. If the file
has a hard link in another directory, it will still remain there,
unmodified. If you want only the owner of a file to be able to delete
it, set the sticky bit on the directory containing it, like this:
chmod 1777 /the/dir
This is commonly used on /tmp. It is also the all Unix systems I've
been using work.
--
Måns Rullgård
mru@users.sf.net
next prev parent reply other threads:[~2003-10-01 13:08 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-01 12:40 File Permissions are incorrect. Security flaw in Linux Lisa R. Nelson
2003-10-01 13:08 ` Måns Rullgård [this message]
2003-10-01 13:08 ` Mathieu Chouquet-Stringer
2003-10-01 13:23 ` viro
[not found] ` <1065017722.2995.10.camel@localhost.localdomain>
2003-10-01 15:40 ` viro
2003-10-01 19:27 ` DervishD
2003-10-01 13:53 ` Jurjen Oskam
2003-10-01 14:09 ` Richard B. Johnson
2003-10-01 14:22 ` Andreas Schwab
2003-10-01 15:01 ` John Bradford
2003-10-01 13:58 ` Felipe Alfaro Solana
2003-10-01 14:21 ` DervishD
[not found] ` <1065044031.2158.23.camel@wynken.reefedge.com>
2003-10-01 14:37 ` Lisa R. Nelson
2003-10-01 15:11 ` Bas Mevissen
2003-10-01 15:12 ` Randy.Dunlap
2003-10-01 16:08 ` Richard B. Johnson
2003-10-01 19:21 ` DervishD
2003-10-01 20:30 ` viro
2003-10-01 17:23 ` Brett
2003-10-01 19:24 ` DervishD
2003-10-02 10:32 ` Christian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=yw1x65j9m7g3.fsf@users.sourceforge.net \
--to=mru@users.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox