LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-10-2006, 03:59 AM   #1
baddah
Member
 
Registered: Feb 2006
Location: Cape Town,South Africa
Distribution: Fedora Core 8
Posts: 188

Rep: Reputation: 30
file permissions and sshfs


Hi,probably not right forum,but not sure where to put it in.Its sort of security.

I want to use sshfs to run a program from a central server on remote boxes.That works fine.I mounted the file system of the server,using sshfs and i can see the file and execute it,but i dont want any of the users on the remote boxes to be able to read the file,in other words,just execute it.On the remote box,here's the settings

Code:
chmod 711 file
ls -l
total 4
-rwx--x--x    1 usergroup test           37 Jul 10 09:39 file
711 means that only root can read it,does n't it?all the other ones can execute it,but not read it...

But,if i log in as test on the box and do a vim file,i can read it.How can I get this user to be able to execute the file(its a php script) but not be able to read it,in other words see the source code?

Thanks
 
Old 07-10-2006, 04:05 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
711 means that the *OWNER* (usergroup here) can read it but no one else, root can always read all local files.
 
Old 07-11-2006, 02:48 AM   #3
baddah
Member
 
Registered: Feb 2006
Location: Cape Town,South Africa
Distribution: Fedora Core 8
Posts: 188

Original Poster
Rep: Reputation: 30
Ok Thanks,There i already learned something.So i changed the permission to 111 now,but now i cannot see the output of the program,for instance say I have script Hallo.php that just echo's Hallo. If i run it as root(./Hallo.php) its outputs hallo,but if a run it as user it runs,but outputs nothing.the permission looks like this now...

Code:
ls -l
total 4
---x--x--x    1 user test           40 Jul 11 09:39 Hallo.php
As root

Code:
[root@box]./Hallo.php
X-Powered-By: PHP/4.2.2
Content-type: text/html
Hallo
[root@box]
As user
Code:
[user@box]./Hallo.php
[user@box]
 
Old 07-11-2006, 03:33 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
This is not an answer to your question, but I would like to point out there are other methods to run a command on remote boxen. If the commands don't change (often) then copying the file to the servers and using a ssh tool could be efficient. If you can't or won't copy, then there's tools like Webjob.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Using Knock with sshfs (fish) pAn1k Linux - Networking 0 07-10-2006 12:34 AM
sshfs reports invalid free space on remote machine +Yan Linux - Networking 2 04-10-2006 05:37 AM
Anyone using Slackware and SSHFS? JockVSJock Slackware 6 12-20-2005 05:22 AM
file permissions OK, but command permissions? stabu Linux - General 2 10-05-2005 12:00 PM
shared filesystem crap: shfs, sshfs, lufs, fuse whansard Linux - Networking 1 06-26-2005 07:58 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration