home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!nwnexus!remote!UUCP
- From: Darin.Wayrynen@f145.n114.z1.fidonet.org (Darin Wayrynen)
- Newsgroups: comp.os.linux
- Subject: 2 Linux ques. (read faq:
- Message-ID: <728264979.AA37063@remote.halcyon.com>
- Date: Wed, 27 Jan 1993 09:58:00 -0800
- Sender: UUCP@remote.halcyon.com
- Lines: 49
-
- * In a message originally to All, Randy Edwards said:
-
-
-
- [misc deletions]
-
- > As root, I made a dummy file named 'test.fil' with an owner
- > and group
- > of 'root' and permissions of -rw-r--r--. Then, I logged in
- > as a normal
- > user and tried to rm the file. I get a 'permission denied'
- > response,
- > and the file remains intact. Great. Then, I immediately
- > change
- > directories to /etc and do a 'rm passwd'. To my surprise, I
- > get a
- > response of 'rm: remove 'passwd', overriding mode 0600?' So
- > I type 'y'
- > and the system deletes my password file. The password file
- > was also
- > owned by and in group 'root' and had permissions of
- > -rw-------. What
- > boggles me is why does the system allow me to delete one
- > file, but not
- > the other? (Remember, I did this logged in as a user, not as
- > root.).
- > To me, since I don't know what's going on, this gives me
- > shudders and
- > fears of system security. Can someone clue me in on what's
- > happening
- > here (and how I might prevent it)?
-
- If a user has write permission on a directory, then he can remove
- files from it. /etc is probaby drwxrwx--- or something like that,
- and the user you were logged in as was part of the same group as
- root.
-
- Think of it this way. If you were logged into /home/randy (assume
- that's your home directory), you wouldn't want people to put files
- in your directory that you couldn't delete correct? So since you
- own it (and also you are part of the group that owns it) you can
- delete files in it...
-
- Darin Wayrynen
- Paragon Consulting Group
-
- * Origin: Paragon BBS (602) 938-8288 (2.0 gigs/Windows/NT/C++ Support)
- (1:114/145)
-
-
