LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   different users can all access file system and copy/paste? (http://www.linuxquestions.org/questions/linux-newbie-8/different-users-can-all-access-file-system-and-copy-paste-679671/)

mhg 10-28-2008 08:57 PM

different users can all access file system and copy/paste?
 
I have been messing around, trying to learn more. Created another user with password. Everything is owned by me. So I log in as the other user, and sure enough, I can not use files. But I open "file system" and I can see everything, all I have to do is copy what I want, paste it in the users /home, and now that user is the owner. No security there at all.

What am I missing?

I may well have everything owned by me, and nothing owned by root, but I am not sure (trying to fix something else I screwed up).

Thanks

Quick edit: "file system" is listed as owned by root.

klearview 10-28-2008 09:20 PM

Read up on Linux file permission. If you do not want certain files to be read by others you need to apply appropriate permissions. For example 'chmod 600 /path/to/certain/file' will make that that file writable/readable by only owner of that file.

To illustarate try copying /etc/shadow as ordinary user and see what happens :)

i92guboj 10-28-2008 09:23 PM

Quote:

Originally Posted by mhg (Post 3324572)
I have been messing around, trying to learn more. Created another user with password. Everything is owned by me. So I log in as the other user, and sure enough, I can not use files. But I open "file system" and I can see everything, all I have to do is copy what I want, paste it in the users /home, and now that user is the owner. No security there at all.

What am I missing?

I may well have everything owned by me, and nothing owned by root, but I am not sure (trying to fix something else I screwed up).

Thanks

Quick edit: "file system" is listed as owned by root.

From your terminology, I deduct that you are operating from a graphical file manager. If you have used it as root, you might very well have screwed yourself, that's why people usually say "don't use X as root", because, indeed, there's absolutely no need.

The first things I have to know, and it's not clear by your first post, is if you changed the permissions of everything in your filesystem to belong to a given user, instead of root. If you changed everything starting from / with new permissions/ownership, your best bet is to reinstall.

When describing this kind of stuff, it's very important that you tell us all the details. For example, we don't know what file manager you are using, and I really don't know how they handle the things. Using the standard linux terminology would be better (for example, I assume that when you say "file system" you mean "/").

If that's the case, you need to know that the regular users can see (read) only what they are supposed to see. They need read permissions in most of the files of the system, so, it's not strange at all that you can read those files and copy them into your home (how would you run a program without reading the binary file that holds it to load it into memory?).

There's absolutely no risk on that, and that you copy this stuff in your home is not going to give you any degree of control nor any extra facilities at all.

On the contrary, there are some bits of the system that you are not going to (well, should not be able to) read. You should not be able to access /etc/shadow, for example, which holds the hashes of the passwords of the system. You shouldn't be able either to read on other users's home directories, unless you are root or they gave you permission to do so.

If you can do either of these, then you screwed something.

mhg 10-28-2008 09:40 PM

Sorry for the lack of detail, and thanks for the tips.

I am using gnome desktop, and just using the "browse" option when opening a folder, so when I do that "/" is listed as "file system".

I didn't screw myself up too much. All the permissions I was messing with started with "/home", so "/" was left alone.

I am trying to get a feel for chown and chmod. I don't have anything critical on this distro, so no catastrophe if I screw things up (but I would certainly rather not!).

Thanks for the patience. I will read more about permissions, and experiment some more. I tried the chmod 600, and that was weird.


All times are GMT -5. The time now is 12:40 AM.