Date: Thu, 31 Jan 2002 06:50:08 +0000 (GMT)
From: Matt Sykes
Subject: Re: able to delete root-owned files as non-root
To: Tim Wilde
Cc: freebsd-questions@FreeBSD.ORG

--- Tim Wilde wrote:
> On Thu, 31 Jan 2002, Matt Sykes wrote:
>
> > xerxes:~> whoami
> > sykes
> > xerxes:~> ll testfile
> > -rw-r--r-- 1 root wheel 0 Jan 31 00:23 testfile
> > xerxes:~> rm testfile
> > override rw-r--r-- root/wheel for testfile? y
> > xerxes:~> ll testfile
> > ls: testfile: No such file or directory
> >
> > Big security problem.
> >
> > This should never ever happen.
>
> Sure it should. If you own the directory this file is in, you have
> permission to do this. It's perfectly standard UNIX filesystem
> behavior.
> On my solaris box:
>
> twilde@quartz:~$ ls -lad .
> drwxr-xr-x 28 twilde twilde 2048 Jan 31 00:30 .
> twilde@quartz:~$ ls -la somefile
> -rw-r--r-- 1 root other 0 Jan 31 00:30 somefile
> twilde@quartz:~$ rm somefile
> rm: somefile: override protection 644 (yes/no)? y
> twilde@quartz:~$ ls -la somefile
> somefile: No such file or directory
> twilde@quartz:~$
>
> The ownership of the directory is what gives you permission to create or
> remove files in the directory. You wouldn't be able to EDIT that file as
> someone who doesn't have write privs on it, though.
>
> Tim Wilde

Ok I apologize for being a little rash in sending out this "problem". I first noticed it right after cvsupping 4.5-stable and thought it was related. A hasty assumption.

However I did manage to bungle up mergemaster, and consequently root could log in without a password. But that is another story...

--Matt
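
Added example, not part of the original thread: a small Python model of the rule discussed above, in which removing a file is decided by the permissions on the containing directory while editing is decided by the file's own mode. It goes one step beyond the thread by including the sticky bit that shared directories such as /tmp use to restrict deletion; the UIDs, modes and names are constructed, and ACLs and file flags are ignored.

```python
import stat
from collections import namedtuple

# Stand-in for the os.stat() fields the checks need (all values constructed).
Node = namedtuple("Node", "mode uid gid")


def _has(node, uid, gids, want):
    """Owner/group/other check for the rwx bits in `want` (mask 0-7)."""
    if uid == 0:
        return True  # simplification: the superuser bypasses mode bits
    if uid == node.uid:
        shift = 6
    elif node.gid in gids:
        shift = 3
    else:
        shift = 0
    return ((node.mode >> shift) & want) == want


def may_unlink(uid, gids, directory, target):
    """True if `uid` may remove `target` from `directory`."""
    # Removing a name modifies the directory, so write + search (wx) on the
    # directory is what counts; the file's own mode and owner are not consulted.
    if not _has(directory, uid, gids, 0o3):
        return False
    # Sticky directory: only the file's owner, the directory's owner or the
    # superuser may remove the entry (simplified form of the rule).
    if directory.mode & stat.S_ISVTX and uid != 0:
        return uid in (directory.uid, target.uid)
    return True


def may_write(uid, gids, target):
    """True if `uid` may modify the contents of `target`."""
    return _has(target, uid, gids, 0o2)


SYKES, SYKES_GROUPS = 1001, {1001}       # hypothetical unprivileged user
HOME = Node(0o755, SYKES, 1001)          # drwxr-xr-x, owned by the user
TMP = Node(0o1777, 0, 0)                 # drwxrwxrwt, sticky shared directory
ROOT_FILE = Node(0o644, 0, 0)            # -rw-r--r-- root wheel

if __name__ == "__main__":
    print("rm in own directory:   ", may_unlink(SYKES, SYKES_GROUPS, HOME, ROOT_FILE))
    print("edit the root file:    ", may_write(SYKES, SYKES_GROUPS, ROOT_FILE))
    print("rm in sticky directory:", may_unlink(SYKES, SYKES_GROUPS, TMP, ROOT_FILE))
```
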