Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 12 Dec 2000 07:08:18 -0500 (EST)
From:      Ralph Huntington <rjh@mohawk.net>
To:        Anil Jangity <aj@entic.net>
Cc:        freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG
Subject:   Re: Can't remove uid "nobody" files...
Message-ID:  <Pine.BSF.4.21.0012120655250.82757-100000@mohegan.mohawk.net>
In-Reply-To: <Pine.BSF.4.31.0012120536240.69676-100000@mars.entic.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
Files owned by user 'nobody' are usually created by the web server (http
daemon running as 'nobody') in a world-writable directory that is
generally owned by the user who owns the script that causes the files to
be written. It's actually rather common, if not good practice (cgi
'wrappers' are a better way, IMO).

If the directory is no longer world-writable, you'll need to be root to
remove them (or the user who owns the directory in which the files
reside).

	-=r=-

On Tue, 12 Dec 2000, Anil Jangity wrote:

> IHAU who created some files (don't know how) but I can't seem to remove
> them:
> 
> id:
> uid=1527(roki) gid=1000(shell) groups=1000(shell)
> 
> 
> FreeBSD mars 4.2-STABLE FreeBSD 4.2-STABLE #0: Sun Dec 10
> 11:07:18 GMT 2000     root@mars:/src/sys/compile/kernel.mars i386
> 
> roki@mars: ~/public_html/cgi-bin/UltraBoard/Private/Backups % ls -loa
> index.html
> -rw-r--r--  1 nobody  shell  - 143 Sep 25 22:48 index.html
> roki@mars: ~/public_html/cgi-bin/UltraBoard/Private/Backups % pwd
> /home/roki/public_html/cgi-bin/UltraBoard/Private/Backups
> 
> 
> 
> Two questions:
> 
> 1. How did he create a file with permissions "nobody"? I tried to do the
> same and I either get operation not permitted or it really creates the
> file with my uid and not as uid nobody. I even tried to tar -cvf up a file
> with uid nobody and then tried to extrat it as normal user... just to see
> 
> 2. How do I remove them? (I haven't tried to do it as root... just yet)
> 
> 
> Thanks in advance.
> 
> PS: When replying please make sure my email address is there - not
> subscribed to -questions.
> 
> 
> Kind regards,
> 
> Anil Jangity (Taos)
> anil@taos.com
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0012120655250.82757-100000>