From owner-freebsd-security  Tue Jun 15  8:18: 7 1999
Delivered-To: freebsd-security@freebsd.org
Received: from mail.tellique.de (big-gw.tellique.de [195.126.133.179])
	by hub.freebsd.org (Postfix) with ESMTP id B447514F88
	for <freebsd-security@FreeBSD.ORG>; Tue, 15 Jun 1999 08:18:05 -0700 (PDT)
	(envelope-from ni@tellique.de)
Received: from tellique.de (nolde.tellique.de [62.144.106.52])
	by mail.tellique.de (8.8.7/8.8.8) with ESMTP id RAA05646;
	Tue, 15 Jun 1999 17:17:46 +0200
Message-ID: <37666E9A.33FB34F9@tellique.de>
Date: Tue, 15 Jun 1999 17:17:46 +0200
From: Juergen Nickelsen <ni@tellique.de>
Organization: Tellique Kommunikationstechnik GmbH, Germany
X-Mailer: Mozilla 4.6 [en] (WinNT; U)
X-Accept-Language: de,en
MIME-Version: 1.0
To: David Shaw <dshaw@jabberwocky.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: reading files.
References: <Pine.BSF.4.10.9906131445410.7278-100000@fkr.dynip.com> <Pine.GSO.3.96.990614110658.7830A-100000@sol.cs.binghamton.edu> <19990614143734.B4439@jabberwocky.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

David Shaw wrote on freebsd-security:

> It's true that the NT Administrator can't read files that he doesn't
> have permission for, but since Administrator controls the ACLs, if he
> can't read something, he can trivially just change the permissions and
> give himself access!

He can't without taking over the ownership of the file, i. e. he can,
but the original owner can tell afterwards.

Greetings, Juergen.

-- 
Juergen Nickelsen <ni@tellique.de>
Tellique Kommunikationstechnik GmbH
Gustav-Meyer-Allee 25, 13355 Berlin, Germany
Tel. +49 30 46307-552 / Fax +49 30 46307-579


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message