[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Wrong security attributes. Maybe a bug?



2009/1/21 Steve Grubb <sgrubb redhat com>:
> On Wednesday 21 January 2009 05:19:39 pm nodata wrote:
>> Am Dienstag, den 20.01.2009, 06:44 -0500 schrieb Steve Grubb:
>> > On Monday 19 January 2009 04:13:09 pm Manuel Wolfshant wrote:
>> > > actually after chattr +i not even root can modify / delete the file:
>> >
>> > True. But you can chattr -i ./foo and then edit the file remembering to
>> > make it immutable again when you are done editing it. Not as automatic as
>> > one might like, but that's how to do it.
>>
>> That would mean a race though. Better to fix directory permissions :)
>
> The original question was about a file owned by root but readable by others. I
> assume 0644 permissions. The root ownership still protects it.
>
> -Steve
>

This makes part of it useless: If the owner is root but I still can
delete/modify the file (because if dir permissions) then the ownership
doesn't matter. The file was set to 444. The idea was to have a file
that cannot be deleted/modified but only read by everyone regardless
of the directory permissions. And the only suitable answer is to set
it +i.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]