LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 11-04-2007, 05:03 PM   #1
Stuart Morrow
LQ Newbie
 
Registered: Oct 2006
Location: Ireland.
Distribution: Various distros
Posts: 5

Rep: Reputation: 0
On NFS, non-root users can move/rename files belonging to root.


OK, here are the facts:
stuart-server is the NFS server.
stuart-desktop is the NFS client.
The user stuart on both machines has UID 1000 and GID 1000.

And here is the line of stuart-server:/etc/exports referring to the directory I'm having trouble with:
Code:
/home/stuart        stuart-desktop(rw)
Whenever I mount stuart-server:/home/stuart on stuart-desktop, the problem is that any user can mv files belonging to root. This is bad, but it isn't as bad as it could be: luckily, users can't write to files belonging to root.

Here is what I get when I mount stuart-server:/home/stuart on stuart-desktop (parenthetical stuff in bold is my commentary, not the output of the shell!):
Code:
stuart@stuart-desktop:~$ sudo mount stuart-server:/home/stuart /home2/stuart
[sudo] password for stuart:
stuart@stuart-desktop:~$ cd /home2/stuart
stuart@stuart-desktop:/home2/stuart$ ll this.file.belongs.to.root 
-rw-r--r-- 1 root root 0 2007-10-31 15:31 this.file.belongs.to.root
stuart@stuart-desktop:/home2/stuart$ mv this.file.belongs.to.root \
> but.`whoami`.can.move.it
stuart@stuart-desktop:/home2/stuart$ ll but*
-rw-r--r-- 1 root root 0 2007-10-31 15:31 but.stuart.can.move.it (bad)
stuart@stuart-desktop:/home2/stuart$ cat > but.stuart.can.move.it #However, I can not write to it
bash: but.stuart.can.move.it: Permission denied (good)
stuart@stuart-desktop:/home2/stuart$
Howcome any old user is allowed to move files that don't belong to him? Naturally, I don't want it to work that way - I want it to work the same as it would if they were local files.

To help me fix this, you may request additional information about these computers if you need to, thank you.
 
Old 11-05-2007, 12:06 AM   #2
complich8
Member
 
Registered: Oct 2007
Distribution: rhel, fedora, gentoo, ubuntu, freebsd
Posts: 104

Rep: Reputation: 17
Is stuart the owner of the directory that the file resides in (/home/stuart)? One would expect so...

If you own the directory, you can move (and remove) files in it, even if they're not yours and you can't open them. If you don't (or rather, if you don't have write permission on the directory), you can't. This is somewhat the expected behavior.
 
Old 11-05-2007, 11:12 AM   #3
Stuart Morrow
LQ Newbie
 
Registered: Oct 2006
Location: Ireland.
Distribution: Various distros
Posts: 5

Original Poster
Rep: Reputation: 0
Ah, so there really isn't anything actually broken? No problem then, and thanks.
 
  


Reply

Tags
nfs, permissions


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Script to Move and rename files scribbl35 Linux - Newbie 1 07-18-2007 09:14 AM
NFS Root setup - can't log in as root after CHMOD ? gallwapa Linux - General 1 04-02-2007 04:31 AM
CHMOD files for all users as root, how?! $Linuxnoob Fedora 3 04-09-2006 10:31 PM
Manually importing NFS files as USER (not Root) 1kyle SUSE / openSUSE 1 10-11-2005 12:29 PM
root files: create as root:root or root:wheel? pcass Linux - Security 1 02-07-2004 04:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:34 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration