Nasty Security Hole?

Yoseff Francus francus at pernod.dec.com
Fri Nov 18 07:20:40 AEST 1988 

 
Michael Faber writes
 
> I have wondered something about permissions security for a while, now, too.
>  
> Why can a person with read permission only be able to remove the file?  For
> example, if I have a file of data (statistical data, for example), and I need
> for any user in my group to read it as input data into their programs, they
> will have read permission to it, but will also be able to remove it (it
> makes sure you want to, but if Mr. Morris' worm had been destructive, he
> could have wiped out anything that he had READ access to!!!  Is there a point
> I'm missing (Op systems back in college doesn't cover enough.  THere ought to be
> an ethics, or a security chapter in every O/S book.)  
>  
 
The permissons on a file have no bearing on whether the file may be deleted.
In general it is write permission on the directory that determines which
users can delete a file from a directory. Take the following example:
 
The directory is called mydir, the name of the file is myfile.
In all cases my permissions are world permission.
 
A) permission on mydir is 755, permission on myfile is 666.
In this case I can edit myfile, however I cannot delete it since I do 
not have write permission in mydir.
 
B) permission on mydir is 777, on myfile it is 644. I cannot modify 
myfile but I can delete it. 
 
Think of a directory as a table of contents. You modify a table of
contents by adding to it (adding a file) or deleting from it (deleting
a file). Write permission on a directory allows you to modify the
table of contents. Because of this keeping /tmp with a 777 permission
is a potential problem. However, now the sticky bit can be set on
a directory. If the sticky bit is set only the owner of a file may
delete that file no matter what permissions are set on the directory.
The owner though must still have write permission for that give directory
otherwise he still won't be able to delete the file. Adding the sticky
bit is an additional layer of protection.
 
Yoseff
 
 
 
In Xanadu did Kubla Khan
A stately pleasure dome decree
But only if the NFL
To a franchise would agree
 
yf%pernod.dec at decwrl.dec.com

More information about the Comp.unix.wizards mailing list