From owner-freebsd-questions Mon Dec 11 22:27:16 2000 From owner-freebsd-questions@FreeBSD.ORG Mon Dec 11 22:27:14 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id BF78737B402 for ; Mon, 11 Dec 2000 22:27:13 -0800 (PST) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id 1650B3E09; Mon, 11 Dec 2000 22:27:13 -0800 (PST) Subject: Re: Can't remove uid "nobody" files... To: aj@entic.net (Anil Jangity) Date: Mon, 11 Dec 2000 22:27:13 -0800 (PST) Cc: freebsd-questions@freebsd.org, aj@entic.net In-Reply-To: from "Anil Jangity" at Dec 12, 2000 05:45:20 AM X-Mailer: ELM [version 2.5 PL3] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20001212062713.1650B3E09@bazooka.unixfreak.org> From: dima@unixfreak.org (Dima Dorfman) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [Dropped freebsd-security from cc list; off topic.] Anil Jangity wrote: > > IHAU who created some files (don't know how) but I can't seem to remove > them: > > roki@mars: ~/public_html/cgi-bin/UltraBoard/Private/Backups % ls -loa > index.html > -rw-r--r-- 1 nobody shell - 143 Sep 25 22:48 index.html > roki@mars: ~/public_html/cgi-bin/UltraBoard/Private/Backups % pwd > /home/roki/public_html/cgi-bin/UltraBoard/Private/Backups > > Two questions: > > 1. How did he create a file with permissions "nobody"? I tried to do the By default, Apache runs as the user 'nobody'. If a program started from the web server (CGI) attempts to write something, it will show up with the user id of nobody. If you don't like this behavior, you may want to look into setting up suexec (see www.apache.org). > same and I either get operation not permitted or it really creates the > file with my uid and not as uid nobody. I even tried to tar -cvf up a file > with uid nobody and then tried to extrat it as normal user... just to see Mortal (non-superuser) users can't change ownership of their own files (except on some *really* old SunOS systems). Groups are a different story. If you could "give away" your own files, though, what would stop you from copying /bin/csh into your home directory, setting its mode to 4555 (set userid), and changing its ownership to root? You would effectively have a shell that runs set userid to root. That, for obvious reasons, is not good for security. > > 2. How do I remove them? (I haven't tried to do it as root... just yet) If you own the directory, you can remove them. A regular 'rm' should work. In any case, doing it as root or from the web server would work as well. -- Dima Dorfman Finger dima@unixfreak.org for PGP public key. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message