This is a discussion on How can user mlh delete files that belong to root? within the Linux Security forums, part of the System Security and Security Related category.

I don't understand how mlh can delete files that belong
to root if mlh is not in the group the file belongs to and
the file has no write permish except for the file owner
(which is root).

Anybody wanna take a stab at it?
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
mlh@appserver mlh $ whoami
mlh
mlh@appserver mlh $ groups
wheel mlh accounting
mlh@appserver mlh $ ls -l /junk
total 4
-rw-r--r-- 1 root root 214 Mar 29 06:23 RootTestFile.txt
-rw-r--r-- 1 mlh mlh 0 Mar 29 06:23 myscreencap
drwxrwxrwx 2 mlh dewey 48 Mar 21 20:28 testdir
mlh@appserver mlh $ cat /junk/RootTestFile.txt
This file belongs to root. root put it in the /junk
directory on Tuesday morning, about 6:20AM. The permish
will be set up to be -rw-r--r--. With that permish, I
don't think mlh should be able to delete it. Right?
mlh@appserver mlh $ rm /junk/RootTestFile.txt
rm: remove write-protected regular file `/junk/RootTestFile.txt'? y
mlh@appserver mlh $ ls -l /junk
total 0
-rw-r--r-- 1 mlh mlh 0 Mar 29 06:23 myscreencap
drwxrwxrwx 2 mlh dewey 48 Mar 21 20:28 testdir

"MLH" <CRCI@NorthState.net> wrote in message
news:pakj41d7ca1c5rr0gv5lf1hc5sieo0lr82@4ax.com
> I don't understand how mlh can delete files that belong
> to root if mlh is not in the group the file belongs to and
> the file has no write permish except for the file owner
> (which is root).
>
> Anybody wanna take a stab at it?

mlh owns and has write perms on the directory where the file resides.

MLH <CRCI@NorthState.net> writes:
>I don't understand how mlh can delete files that belong
>to root if mlh is not in the group the file belongs to and
>the file has no write permish except for the file owner
>(which is root).

If mlh has write permission to the directory in which those files exist,
then mlh can erase them. Erasing is an operation on the directory, not on
the file itself. It removes the file from the directory and filesystem.

>Anybody wanna take a stab at it?
>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>mlh@appserver mlh $ whoami
>mlh
>mlh@appserver mlh $ groups
>wheel mlh accounting
>mlh@appserver mlh $ ls -l /junk
>total 4
>-rw-r--r-- 1 root root 214 Mar 29 06:23 RootTestFile.txt
>-rw-r--r-- 1 mlh mlh 0 Mar 29 06:23 myscreencap
>drwxrwxrwx 2 mlh dewey 48 Mar 21 20:28 testdir
>mlh@appserver mlh $ cat /junk/RootTestFile.txt
>This file belongs to root. root put it in the /junk
>directory on Tuesday morning, about 6:20AM. The permish
>will be set up to be -rw-r--r--. With that permish, I
>don't think mlh should be able to delete it. Right?
>mlh@appserver mlh $ rm /junk/RootTestFile.txt
>rm: remove write-protected regular file `/junk/RootTestFile.txt'? y
>mlh@appserver mlh $ ls -l /junk
>total 0
>-rw-r--r-- 1 mlh mlh 0 Mar 29 06:23 myscreencap
>drwxrwxrwx 2 mlh dewey 48 Mar 21 20:28 testdir

You do not show us the permissions on the directory /junk. If they are the
same as testdir then anyone can remove any files from /junk.
To allow only the owners of the files to remove them, do
    chmod +t /junk
(as root)
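
Added example, not part of any post in this thread: a small audit helper that reports who may remove a file's directory entry by reading only the parent directory's mode, which is the point both replies make, and shows the effect of the suggested chmod +t. The function name unlink_policy, its output labels and the temporary stand-in for /junk are assumptions made for this example; it relies on GNU stat (stat -c).

```shell
#!/bin/sh
# Added example, not from the thread. Requires GNU stat (stat -c).

# unlink_policy FILE   (hypothetical helper name)
# Prints who, besides root, may remove FILE's directory entry. Only the parent
# directory's mode is consulted; FILE's own owner and mode play no part.
#   anyone     directory is world-writable and searchable, no sticky bit
#   group      directory's group has write+search, no sticky bit
#   sticky     writable by group/others, but +t limits removal to the
#              file's owner and the directory's owner
#   dir-owner  neither group nor others have write+search on the directory
unlink_policy() {
    dir=$(dirname -- "$1")
    mode=$(stat -c '%a' -- "$dir") || return 2   # e.g. 777 or 1777
    perm=$((0$mode))                             # leading 0: parse as octal
    other_wx=$(( (perm & 0003) == 0003 ))        # removing an entry needs w and x
    group_wx=$(( (perm & 0030) == 0030 ))
    sticky=$(( (perm & 01000) != 0 ))
    if [ "$other_wx" -eq 0 ] && [ "$group_wx" -eq 0 ]; then
        echo dir-owner
    elif [ "$sticky" -eq 1 ]; then
        echo sticky
    elif [ "$other_wx" -eq 1 ]; then
        echo anyone
    else
        echo group
    fi
}

# Constructed stand-in for /junk: a drwxrwxrwx directory holding a 0644 file.
demo() {
    junk=$(mktemp -d) || return 1
    chmod 0777 "$junk"
    : > "$junk/RootTestFile.txt"
    chmod 0644 "$junk/RootTestFile.txt"
    printf 'before chmod +t: %s\n' "$(unlink_policy "$junk/RootTestFile.txt")"
    chmod +t "$junk"
    printf 'after  chmod +t: %s\n' "$(unlink_policy "$junk/RootTestFile.txt")"
    rm -rf -- "$junk"
}

demo
```

The helper looks at classic mode bits only; POSIX ACLs and immutable file attributes are not considered.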