[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Danger! An user can delete root's files!!!



On Wed, Dec 12, 2001 at 07:00:34PM +0200, fabio adamo inwind it wrote:
> 
> I use a Red Hat Linux 7.2 with all the upgrade found on the RedHat
> website installed. I also have update the KDE to the version 2.2.2.
> During the installation I set a mountpoint /master on hda8 but at
> the first reboot I changed the /etc/fstab to mount the /misc on that
> partition. Now if root create a file in /misc A NORMAL USER CAN
> DELETE IT!! This happen only in the /misc directory.  An user can
> delete a file like this:
> 
> -rw-r--r--    1 root     root            0 dic 12 17:53 test


The misc directory is probably just world-writeable.  If the
containing directory is world-writeable, then anyone can delete the
files in the directory, regardless of the owner of the files.

						- Ted





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]