Date: Sun, 4 May 1997 17:10:50 +0200 (MET DST) From: Wolfgang Helbig <helbig@MX.BA-Stuttgart.De> To: fullermd@narcissus.ml.org (The Devil Himself) Cc: un_x@anchorage.net, questions@FreeBSD.ORG Subject: Re: permissions Message-ID: <199705041510.RAA00702@helbig.informatik.ba-stuttgart.de> In-Reply-To: <Pine.NEB.3.96.970504065759.20229B-100000@narcissus.ml.org> from The Devil Himself at "May 4, 97 07:02:33 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, > On Sat, 3 May 1997, abc xyz wrote: > > > > > why is it that i can open, modify, and save changes to a > > > > file with r--r--r-- perms (as root)? shouldn't a file be > > > > read only under these conditions? > > > > ------------------------------------------------------------------------- > > > > > > What do you mean, "as root"? > > > > i mean i can do these things as root (2.2.1). > > i guess i should've added that the files ARE > > owner root, group wheel. i don't think i > > should be able to modify such files, but i can. > > it's interesting that you say you can't. > > are you using 2.2.1? > > > > > If the file belongs to root, and you are anyone, including root, then you > > > have a problem. > > > Doesn't sound like a common one, because I had some files on my system > > > r--r--r-- owner root, group wheel, and I got annoyed because I couldn't > > > save changes, even as root. > > This was on a 2.1.6 system. > I've also experienced it on a 2.2-STABLE 4/26/97 system. > I've also come across it on a AIX 3.2.4 (shudder) system. > When you say modify and save changes, how are you doing this? > vi? > pico? > emacs? > echo? > Wasn't there some hole in emacs, about it ignoring file permissions? > I'm pretty sure there was one a while ago about it ignoring ownership... The file permissions are enforced by the kernel, i. e. even if some userland software ignores the permissions, the kernel won't let you write, read or execute in violation of the permission rules. If you are root -- more precisely if your UID is 0 -- the permission rules allow you to read and write regardless of the permission flags and owner of the file in question. To protect a file from root, you have to set the immutable flag with the chflags(1) command. E. g. this is done by the install target of the kernel Makefile to prevent root from hosing the kernel by changing or deleting it accidently. An $ ls -ol /kernel /kernel.old shows the setting of this flag: -r-xr-xr-x 1 root wheel schg 793551 2 Mai 21:37 /kernel -r-xr-xr-x 1 root wheel - 788710 26 Apr 19:36 /kernel.old Wolfgang
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705041510.RAA00702>