Re: FS possible security exposure ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2005-12-25 at 13:10 +0300, regatta wrote:
> I'm using Vi in Solaris and Vim in Linux, do you think this is the
> problem ?

that very well can be the difference

> but if you think about it, how could the system allow the user to
> modify a file that he don't own it and he don't have write privilege
> on the file just because he has write in the parent directory ?
> 
> Maybe I'm wrong, but is this normal ? please let me know

this is normal and a result of the linux permission model.
(and fwiw you don't get to edit the file, only to create a new file. You
may think that's exactly the same.. but it's not in the light of
hardlinks)

Btw there is a "sticky bit" you can set on the directory which changes this behavior,
for example /tmp has this set for obvious reasons

> BTW: is there any document, article or any page about this so I can
> show it to my boss :)

I suspect the SUS standard fully specifies the 4 rules I mentioned and
the sticky-exception (and the rest is an obvious result)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux