Hello All,

I adopted a yellowdog linux system where ALL USERS have access to files owned by root, yes that means they have their way with the systems files, navigate just about anywhere, it's a huge security problem. One other clue is that although they can edit files owned by root , they can not run root commands with the full path specified (such as mount, or visudo).
These root owned files have default permission and nobody else is allowed to modify them (i.e. rwx------ root root)

I've checked the ususal places..
- /etc/group to make sure nobody is in the root group,
- checked to make sure nobody should have uid=0 that shouldn't have it
- verified there were no /etc/sudoers entries that allowed root access

Does anybody have any ideas what could be causing this? Could it be some PAM configuration file? ACL's?

Any help is greatly appreciated,
Sak

What program are you using to see that all users can access root's files? Is it owned by root and have it's st user id or set group id bit set? If so, there's your problem: run

Have you checked that the permissions on your drive device node haven't been altered.

Eg. there's the list for one of my computers (2 IDE hard drives, 1 CD writer, 1 DVD drive):
brw-rw---- 1 root root 3, 0 Jul 6 21:31 /dev/hda
brw-rw---- 1 root root 3, 1 Jul 6 21:31 /dev/hda1
brw-rw---- 1 root root 3, 2 Jul 6 21:31 /dev/hda2
brw-rw---- 1 root root 3, 5 Jul 6 21:31 /dev/hda5
brw-rw---- 1 root root 3, 6 Jul 6 21:31 /dev/hda6
brw-rw---- 1 root root 3, 64 Jul 6 21:31 /dev/hdb
brw-rw---- 1 root root 3, 65 Jul 6 21:31 /dev/hdb1
brw-rw---- 1 root root 3, 66 Jul 6 21:31 /dev/hdb2
brw-rw---- 1 root root 3, 69 Jul 6 21:31 /dev/hdb5
brw-rw---- 1 root cdrom 22, 0 Jul 6 21:31 /dev/hdc
brw-rw---- 1 root cdrom 22, 64 Jul 6 21:31 /dev/hdd