Permissions curiosity...
 

Hi linuxers...

I am just curious about something that happened to me recently.

I am fairly new to linux and recently i was setting up a user account to use my Xserver (i read is not recommended to startx with root access)...

So... when i try to launch the X I get some complaints about not having permission in the tmp folder (maybe i changed them by mistake) and after getting totally frustrated trying to change the permissions in some folders i got sick of it and did the following:

the funny part about it is that even though i set up permissions to rwx for everybody then i got the following error when i tried to switch user from root to user:

I was like WTF??

I had to set the permissions to the default 755 in order to be able to switch users...

Can anybody give me an explanation for that???
If ALL folders are set to 777 how com i get a Permission Denied error??

It is not a problem but im just curious about it.

:D

I can understand the frustration but help is all around in docs, here and everywhere else on the 'net.
And after seeing you deliberately screw up a system like that I can only say: please use GNU/Linux like it's intended to be used or don't use it at all.

Well, after using this command
# chmod -R 777 /*

it is a problem. Making it 755 "again" doesn't help much. Your system is trashed, I'm not sure that it will boot again. Be warned.

:D

Dont worry about that guys Im posting from that "trashed" system right now.

Everything is working fine and everything is back to the defaults. I can su again and everything...

The thing is... why chmoding to 777 the whole system makes such instability...??

Even though i fixed everything im just curious. I swiched to linux mainly to mess around and learn, I dont mind trashing my system 100 times and reinstalling everything from 0 (which I did enough in Windows, but not because I wanted, it was because that OS sucks from the start). :)

Ownership and access rights together is also called DAC aka Discretionary Access Control. It is one of the most basic and fundamental way of separating privileges. If it cannot be determined from configuration sources running under 'strace' may reveal some applications will check for DAC rights on dirs and files and might for instance decide to put temporary files in alternative locations if access rights are set wrong (GDM for instance). Other applications might just refuse to run regardless (like SSH wrt ~/.ssh access rights).


Being curious is a good thing but please don't willingly expose a machine to the 'net when it's stripped from basic security features. it's not good for you (if you care) but it's also not good towards other 'net users (that'll be us and we definately care).

You are right... even though my system at the moment is not stripped from its security because i reinstalled and everything is where its supposed to be (755 i guess right?) before even atepmting to go to the 'net.

I dont understand though how can it be not good towards other users... :S

If I understand you correctly you are saying that is basically a security measure in case the permissions are set wrong, preventing unauthorized use of some system services, right?? that would make sense then.

Thanks for your replay. :)