LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-25-2006, 10:48 PM   #1
emme0032
LQ Newbie
 
Registered: Jul 2006
Posts: 13

Rep: Reputation: 0
Question 777 directories and deleting files?


The book my class is using "Advanced Programming in the Unix Environment"
Says that if you have write permissions on a directory you are able to delete any file within it.

The idea seems plain and clear.. A directory is simply a file with the I-node number followed by the name of that file.

Shouldnt it be possible to delete a file owned by any user from that directories content?
Or at least rename it?

I tried some experiments and using basic command line I wasnt able to do what the books says is true. Should I take this a step further and try a progamtic approach?


Any ideas? This is rather interesting to me.
 
Old 10-26-2006, 12:36 AM   #2
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,078

Rep: Reputation: 297Reputation: 297Reputation: 297
If the directory permissions are 0777 and users can delete other users' files. If they are 1777 (i.e. if the "sticky bit" is set) users can only delete or move their own files (unless you're root, of course).
 
Old 10-26-2006, 01:35 AM   #3
emme0032
LQ Newbie
 
Registered: Jul 2006
Posts: 13

Original Poster
Rep: Reputation: 0
Perfect! Thanks for the answer.

I've seen on my past hosting company that the /home/ was 0777. That probably means they were hacked? Doesnt seem like an admin would do that.
Any user could become any other user by doing this:
delete /home/fred
remake /home/fred
add whatever commands you want to /home/fred/.login or whatever script is used..
when fred connects with ssh your script is executed.

Does that seem like a valid attack vector? Good thing I pay more than 5$ for my hosting now.
 
Old 10-26-2006, 09:34 AM   #4
Quigi
Member
 
Registered: Mar 2003
Location: Cambridge, MA, USA
Distribution: Ubuntu (Dapper and Heron)
Posts: 377

Rep: Reputation: 31
Even if you have write (and execute!) access to /home, you could not delete /home/fred if it was a directory with anything in it. Only if in addition you had write and execute access to /home/fred (and any subdirectories that it might contain) you could empty it, and delete it.

I agree that /home should not be 777 -- anyone could create anything there.
 
Old 10-31-2006, 11:27 AM   #5
poweredbydodge
Member
 
Registered: Oct 2006
Location: Buffalo, NY
Distribution: Servers: Scientific Linux 5.x // Desktops: Fedora Core (latest)
Posts: 110

Rep: Reputation: 15
Quote:
Originally Posted by Quigi
Even if you have write (and execute!) access to /home, you could not delete /home/fred if it was a directory with anything in it.
i found the best way to 'force teach' myself about file permissions was to bash myself over the head with ftp for a little while.

when you're setting up an ftp server conf file, you don't want to sit there for 30 hours typing out every single command and whether or not user a, b, or c can use those commands in a given directory or tree of directories.

in short... most viewing and reading commands, whatever they may be, fall under LIST (for ftp) which translates to READ (or VIEW) on your operating system. most write, delete, edit, make new file, make new directory, delete directory, move file, cut and paste file commands fall under WRITE (for ftp) and WRITE (for your os). executable files are a no brainer... execute is just EXECUTE.

This is why the chmod string (minus the sticky bit) is really only 3 numbers... 644 for home dir's... 777 for universal access... those 3 numbers correlate to 3 types of permission.

1st number = READ (R)
2nd number = WRITE (W)
3rd number = EXECUTE (X)

If you ever look at a directory in "list" mode instead of "icon" mode, you'll be able to see the file attributes and directory attributes... often they'll be done like this...

fileA .................. -r-w-x
fileB .................. -r----
fileC .................. -r---x
fileD .................. ----x

fileA can be read / written / and executed (thats your 777)
fileB can be read, but not written or executed
fileC can be read and executed but not written, so you can't delete it!

fileD is great too, you can ONLY execute it. why is this good?
let's say you're a programmer in a test environment cluster. you've put together a great little script or module or whatever, and you and you share it with your coworkers before giving it off to the boss. well coworker A turns out to be a jerk, and wants to snag your idea by ripping off your code and taking it to the boss first... nope, can't do it, he can execute the file, but he can't read it in a text editor or anything else. aww... poor lil guy. of course, root overrides all of this, but unless his buddy is the system admin, then you're safe.

happy linuxing

Last edited by poweredbydodge; 10-31-2006 at 11:31 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Changing Ftp Directories Into 777(rwe) rogier1983 Linux - Networking 0 07-28-2005 07:56 AM
trouble deleting files / directories neocontrol Linux - Software 1 07-16-2005 04:09 PM
Deleting directories NomadABC Linux - Newbie 2 02-10-2005 02:11 PM
deleting directories AZDAVE Linux - Newbie 1 08-15-2003 10:05 AM
Deleting directories with files in them AMDPwred Linux - General 7 02-16-2003 12:06 PM


All times are GMT -5. The time now is 12:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration