From: "Bond, Jeffery"
To: "'questions@freebsd.org'"
Subject: FW: Basic Security Question
Date: Tue, 22 Dec 1998 17:07:17 -0000

> Oops, I just tried it for myself. I now agree with you, you _were_ right
> all along. Sorry, I never realised this, it's true that you learn
> something new every day.
>
> Does the group ID come into play? When I tried it just now, I added group
> write permission to /etc and then logged in as 'jeff' (a normal user); I
> could move the 'passwd' file which had write permission only enabled for
> the owner (root). Did this work because user 'jeff' is also in the 'wheel'
> group? (passwd file has GID of 'wheel')? If 'jeff' was not in group
> 'wheel', would it fail?
>
> Regards,
>
> Jeff
>
> -----Original Message-----
> From: Crist J. Clark [SMTP:cjc@scitec.com]
> Sent: 22 December 1998 17:10
> To: Jeff.Bond@nectech.co.uk
> Cc: cjclark@home.com; questions@FreeBSD.ORG
> Subject: Re: Basic Security Question
>
> Bond, Jeffery wrote,
> > I still believe you are wrong. When you su'd to cjc (from root), you still
> > have root privileges. Check the ownership of passwd.old after you moved it,
> > it's still owned by root. If you logged in as cjc rather than su-ing from
> > root, you will find that I am right, and the mv command will fail.
>
> Nope, I'm right. When I su to cjc, I /am/ cjc. No root privileges, I
> could not append or edit passwd.old if I had tried. The ability to
> create, remove, and rename (move) a file is determined by the
> directory's permissions, not the file's. As I pointed out in my
> original mail, see 'man sticky' on how to prevent files from being
> removed or moved by other users in a world writable directory. Here is
> an excerpt from that manpage,
>
> "[The sticky bit] is usefully applied to directories such as /tmp
> which must be publicly writable but should deny users the license
> to arbitrarily delete or rename each others' files."
> --
> Crist J. Clark cjc@scitec.com
> SciTec, Inc

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
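The rule Crist states (create/remove/rename are governed by the directory's permissions, with the sticky bit as the exception) also answers Jeff's group question: the group that matters is the directory's group, not the file's. The following model of that check is an added example, not code from either poster; the uids, gids and directory modes are constructed, with wheel taken as gid 0 as on FreeBSD.

```python
import stat

# Constructed values for the scenario in the thread (not from a real system):
# /etc is root:wheel, wheel is gid 0, jeff (uid 1001) is in wheel,
# alice (uid 1002) is not.
WHEEL = 0
JEFF = (1001, {1001, WHEEL})
ALICE = (1002, {1002})
ROOT = (0, {0})

def _class_bits(mode, owner_uid, owner_gid, uid, gids):
    """Pick the rwx triple that applies to this uid: owner, group, or other."""
    if uid == owner_uid:
        return (mode >> 6) & 7
    if owner_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def can_remove_or_rename(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Model of the Unix unlink()/rename() permission check for a directory entry.
    Only the directory's mode/ownership matters, plus the file's owner when the
    sticky bit is set. The file's own mode bits (e.g. 0644 on passwd) are not
    even a parameter: they play no part. Returns (allowed, reason)."""
    if uid == 0:
        return True, "root bypasses discretionary checks"
    bits = _class_bits(dir_mode, dir_uid, dir_gid, uid, gids)
    # Removing or renaming an entry needs write (w) and search (x) on the directory.
    if (bits & 0o3) != 0o3:
        return False, "no write+search permission on the directory"
    if dir_mode & stat.S_ISVTX and uid not in (file_uid, dir_uid):
        return False, "sticky directory: only the file's or directory's owner may"
    return True, "directory grants this user write access"

def demo():
    """Walk through the thread: /etc owned root:wheel, passwd owned by root."""
    etc_default, etc_g_plus_w, etc_sticky = 0o755, 0o775, 0o1775
    cases = {
        "jeff, stock /etc (0755)":      can_remove_or_rename(etc_default, 0, WHEEL, 0, *JEFF),
        "jeff, /etc after chmod g+w":   can_remove_or_rename(etc_g_plus_w, 0, WHEEL, 0, *JEFF),
        "alice (not in wheel), g+w":    can_remove_or_rename(etc_g_plus_w, 0, WHEEL, 0, *ALICE),
        "jeff, g+w plus sticky bit":    can_remove_or_rename(etc_sticky, 0, WHEEL, 0, *JEFF),
        "root, any directory mode":     can_remove_or_rename(etc_default, 0, WHEEL, 0, *ROOT),
    }
    return {k: v[0] for k, v in cases.items()}

if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case:30s} -> {'allowed' if allowed else 'denied'}")
```

Changing the passwd file's own mode or GID in this model changes nothing; only a directory owner's `chmod g+w` (or the sticky bit) moves the outcome.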