Re: File Permissions are incorrect. Security flaw in Linux

From: DervishD
Date: Wed Oct 01 2003 - 09:20:00 EST

Next message: Andrew de Quincey: "Re: [ACPI] p2b-ds blacklisted?"
Previous message: viro: "Re: [ANNOUNCE] DigSig 0.2: kernel module for digital signature verification for binaries"
In reply to: Felipe Alfaro Solana: "Re: File Permissions are incorrect. Security flaw in Linux"
Next in thread: Lisa R. Nelson: "Re: File Permissions are incorrect. Security flaw in Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Lisa :)

* Lisa R. Nelson <lisanels@xxxxxxxxxxxx> dixit:
> [1.] One line summary of the problem:
> A low level user can delete a file owned by root and belonging to group
> root even if the files permissions are 744. This is not in agreement
> with Unix, and is a major security issue.

You're not right here: all Unices I have knowledge about has this
same scheme. But really it doesn't matter, because the reason behind
this is that files are just links in a directory, so for deleting a
file, that is, *unlinking* it, you need to have write permission on
the *container*: the directory.

> Permissions on a file basis take precedence over directory
> permissions (for most cases), but in Linux they do not.

Just curiosity: which Unix behaves that way?

> In order to secure a file, you have to secure the directory which
> effects all files within it.

Not exactly, but you're true. You can use the sticky bit for
directories if you want them to be 'append only'. This way anybody
can read your files if you want, add files and remove them, *but*
they WON'T be able to delete YOUR files. This is used in /tmp, for
example.

> I verified this on a sun station today

I may be wrong here, for a long time has passed since I last used
a SparcStation or similar, but AFAIK SunOS behaves like Linux in this
issue. In fact, this is the common Unix behaviour.

> http://www.auburn.edu/oit/software/os/unix_files.html

Quote: "Permissions are divided into three types [...] Write
permission allows the user [...] For directories, write permission
allows the user to create new files or delete files within that
directory".

> http://www.dartmouth.edu/~rc/help/faq/permissions.html

The same: "w [...] file is writeable. On a directory, write
access means you can add or delete files".

> http://www.december.com/unix/tutor/permissions.html

Nothing relevant. A lame tutorial on Unix permissions, BTW.

> http://www.itc.virginia.edu/desktop/web/permissions/

"Write [...] create a new file in the directory". Incomplete, but
will do...

As you can see, even your sources say exactly the same...

Raúl Núñez de Arenas Coronado

--
Linux Registered User 88736
http://www.pleyades.net & http://raul.pleyades.net/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew de Quincey: "Re: [ACPI] p2b-ds blacklisted?"
Previous message: viro: "Re: [ANNOUNCE] DigSig 0.2: kernel module for digital signature verification for binaries"
In reply to: Felipe Alfaro Solana: "Re: File Permissions are incorrect. Security flaw in Linux"
Next in thread: Lisa R. Nelson: "Re: File Permissions are incorrect. Security flaw in Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]