Old 07-21-2005, 12:55 PM   #1
LQ Newbie
Registered: Jul 2005
Posts: 1

Rep: Reputation: 0
all users have access to root owned files

Hello All,

I adopted a Yellow Dog Linux system where ALL USERS have access to files owned by root. Yes, that means they have their way with the system's files and can navigate just about anywhere; it's a huge security problem. One other clue is that although they can edit files owned by root, they cannot run root commands with the full path specified (such as mount or visudo).
These root-owned files have default permissions and nobody else is allowed to modify them (i.e. rwx------ root root).

I've checked the usual places:
- /etc/group to make sure nobody is in the root group,
- checked to make sure nobody should have uid=0 that shouldn't have it
- verified there were no /etc/sudoers entries that allowed root access

Does anybody have any ideas what could be causing this? Could it be some PAM configuration file? ACLs?

Any help is greatly appreciated,
Old 07-21-2005, 05:29 PM   #2
Registered: Oct 2003
Location: St Paul, MN
Distribution: Fedora 8, Fedora 9
Posts: 513

Rep: Reputation: 30
What program are you using to see that all users can access root's files? Is it owned by root, and does it have its set user ID or set group ID bit set? If so, there's your problem: run

chmod a-s /path/to/executable
Old 07-22-2005, 12:45 AM   #3
Senior Member
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
Have you checked that the permissions on your drive device nodes haven't been altered?

E.g., here's the list for one of my computers (2 IDE hard drives, 1 CD writer, 1 DVD drive):
brw-rw---- 1 root root 3, 0 Jul 6 21:31 /dev/hda
brw-rw---- 1 root root 3, 1 Jul 6 21:31 /dev/hda1
brw-rw---- 1 root root 3, 2 Jul 6 21:31 /dev/hda2
brw-rw---- 1 root root 3, 5 Jul 6 21:31 /dev/hda5
brw-rw---- 1 root root 3, 6 Jul 6 21:31 /dev/hda6
brw-rw---- 1 root root 3, 64 Jul 6 21:31 /dev/hdb
brw-rw---- 1 root root 3, 65 Jul 6 21:31 /dev/hdb1
brw-rw---- 1 root root 3, 66 Jul 6 21:31 /dev/hdb2
brw-rw---- 1 root root 3, 69 Jul 6 21:31 /dev/hdb5
brw-rw---- 1 root cdrom 22, 0 Jul 6 21:31 /dev/hdc
brw-rw---- 1 root cdrom 22, 64 Jul 6 21:31 /dev/hdd
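
Added example, not part of any post in this thread: a shell sketch that gathers the checks discussed above (UID 0 accounts, root group membership, set-user-ID/set-group-ID files, and block device node permissions) into functions that can be pointed at a live system or at copies of its files. The function names are made up for this example, and `-perm /6000` assumes GNU find.

```bash
#!/bin/bash
# Added example: triage for "ordinary users can reach root-owned files".
# Each function reads a file or stream, so it also works on offline copies.

# Accounts whose UID is 0 (passwd format: name:pw:uid:gid:...).
uid0_accounts() { awk -F: '$3 == 0 { print $1 }' "$1"; }

# Accounts other than root with GID 0: primary group in the passwd file ($1),
# or listed as a member on the GID 0 line of the group file ($2).
gid0_accounts() {
    awk -F: '$4 == 0 && $1 != "root" { print $1 }' "$1"
    awk -F: '$3 == 0 && $4 != "" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "root") print m[i]
    }' "$2"
}

# Block device nodes in `ls -l` output (stdin) that "other" can read or write.
# Raw access to a disk node bypasses every file permission on that filesystem.
loose_block_nodes() {
    awk '$1 ~ /^b/ && substr($1, 8, 2) != "--" { print $NF }'
}

# Set-user-ID / set-group-ID regular files owned by a user (default: root).
setid_files() {
    find "$1" -xdev -type f -user "${2:-root}" -perm /6000 2>/dev/null
}

# Full run on a live system; needs root to read every directory.
audit_main() {
    echo "== UID 0 accounts";          uid0_accounts /etc/passwd
    echo "== GID 0 accounts";          gid0_accounts /etc/passwd /etc/group
    echo "== loose block devices";     ls -l /dev | loose_block_nodes
    echo "== root setuid/setgid files"; setid_files /
}
```

Source the file and call `audit_main` as root; compare the setuid/setgid list against what the distribution's packages are expected to install before removing any bits.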

