Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
well you could do chmod 111 filename, that'll prevent most of what you want (read, copy), writing is sort of blocked, moving and deleting (along with writing) are driven more by the directory permissions then file permissions. The reason I say writing is sort of blocked is that, while the file itself wouldn't be writable, it could be replaced with one that is via a move or delete.
well you could do chmod 111 filename, that'll prevent most of what you want (read, copy), writing is sort of blocked, moving and deleting (along with writing) are driven more by the directory permissions then file permissions. The reason I say writing is sort of blocked is that, while the file itself wouldn't be writable, it could be replaced with one that is via a move or delete.
Also you can make it immutable with chattr as root. chattr +i filename
This will probably do exactly what you want.
excerpt from chatter manpage:
A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be
written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.
Another way I could get round this, is give the user read and execute permissions (-r-x) so that the file will run, then only allow them to use the command: "php file.php".
That way they wont be able to "vi file.php" and read the file contents, and also wont be able to use commands to copy or move the file to a different directory or computer.
How can I prevent all commands apart from "php file.php" for a user?
A file needs to be read to be able to be executed. You can set the immutable bit.
What are the permissions of the directory the file is in? That will determine whether the file can be deleted. If the user has write permissions on the directory, (such as in /tmp) then set the "sticky" bit on the directory. Deleting and saving files in a directory is a write operation on the directory. The sticky bit will prevent one user from deleting files owned by other users (except for the root user).
Using SELinux, you can protect a file even from root, unless the root user explicitly modifies the security attributes of the file.
You can't prevent an executable (permitted) file from being read, and thus copied. The only way around this, that I can think of, is to have it executed by proxy. E.G. client/server. Maybe you could have a stub program that assumes the euid or egid of the caller (for permissions) and executes it as if it were the user. The target program would be in a directory inaccessible by the user.
Maybe you could explain what this file is and why you don't want it copied but want it executed by a user. If you have a script that has username/password info in it, then your problem isn't disallowing the reading of the file. World readible scripts should not have authentication information in them. For example, never have "username" & "password" options in /etc/fstab. Use the "credentials" option instead, referencing a file that only root can read.
The reason I want to keep the file unreadable but allow access is because I have a hosted web server, which will receive data, then connect via a PHP script using SSH to another server, and send the data in variables by running a command like so:
Code:
php file.php vone vtwo
I dont want people copying or hacking my processing PHP code!
So if anybody with access to the hosted web server takes my ssh username and password, connects to my remote server via SSH, they can do whatever they want as that user.
Other ways I thought about sending the data was in html form posts, but i dont have a SSL certificate (the data needs to be safe). I could encrypt at one end and decrypt at the other using the built in PHP functions...
I also want to prevent random people from sending my remote server fake data to process, but I think ill check which IP the data is coming from in my PHP script.
Any ideas on other ways I can get data server-server securely + quickly using PHP/linux/ssh?
You could always make a suid C wrapper that executes your php. This would allow you to make the php have permissions that make it unreadable by the user but still executable.
Setting 111 permissions for compiled programs works fine, you don't need read permission to execute them. I'd forgotten that scripts need to be readable since they get loaded by an interpreter.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.