view folders as root without read permissions

cad · 01-28-2007, 10:12 AM

If I am the root can I see every users files and folders even if I dont have the required permissions and I dont even want to change the permissions.

b0uncer · 01-28-2007, 10:16 AM

Most probably yes. Some hacker dude might find a way to prevent this from happening (for example hazzle around with inode numbers to 'hide' a file), but if you're only talking about permissions, then root user is able to "see everything". That's pretty much the point of having a root user.

EDIT: also a file with permissions set that nobody has any permissions, specifically that nobody can write to the file, can be removed as root without problems. Root "doesn't need permissions" for that, if you like to put it (in this case) that way. It is possible, though, to se a special bit on the file which prevents anybody from removing or altering it in any way. But even if you did that, root could change the bit, alter the file (or remove it) and then set the bit back. Since root user is the highest user (superuser) on the system, if you could create a file which root cannot access, you could create a file nobody can access -- it would be a problem, since then the creator shouldn't have been able to create it, even.

cad · 01-29-2007, 11:58 PM

I didnt tell it before that I was working on an NFS and had the root permissions of a computer which can mount the NFS partitions. But I as root of that single comp. couldn't even change the permission of those. So how is it possible that even if I am the root I cant even change the permissions.
Now I am not doing it illegaly so please answer it.

btmiller · 01-30-2007, 01:19 AM

Generally NFS servers squash the root user on exports (i.e. remap the user ID to something like nobody). This is controlled on the server side and can't be overridden on the client side. Basically, this is for security reasons -- if clients were able to write on an NFS mounted directory as root it would make it easier for them to break into the NFS server.