dejesus@bourbon.ee.tulane.edu (Francisco X DeJesus) (01/17/91)
Ok, here's the situation: I'm trying to set up a guest account with
a fixed .login and .cshrc. I thought of simply putting those two files the
way I want them set up in the guest account's home directory, and have them
owned by root, group root, and read-only (permission: -r--r--r--). The
problem is that even with this setup the guest can delete them! What did
I miss?
--
___ / _______________________________ - Francisco X DeJesus
|- / \/ \\
' / /\ dejesus@bourbon.ee.tulane.edu \\__________________________
/ ak662@cleveland.freenet.edu ////////////////////////////zebr360@ut-emx.uucp (Jerry Heyman) (01/17/91)
In article <5716@rex.cs.tulane.edu> dejesus@bourbon.ee.tulane.edu (Francisco X DeJesus) writes: > > Ok, here's the situation: I'm trying to set up a guest account with >a fixed .login and .cshrc. I thought of simply putting those two files the >way I want them set up in the guest account's home directory, and have them >owned by root, group root, and read-only (permission: -r--r--r--). The >problem is that even with this setup the guest can delete them! What did >I miss? > Some people would argue that this is a security flaw (and I have raised this issue before), but in reality you are setting the protections on the file (who can read it or write it). Files inherit their deletion properties from the directory that they reside in. Because user guest has write (hence delete) permission in his own directory, any files that are created in that directory can be deleted. >-- > ___ / _______________________________ - Francisco X DeJesus jerry heyman -- Jerry Heyman by day: IBM AWD, AIX Development zebr360@emx.utexas.edu by nite: Adjunct Lecturer at St. Edward's Univ. *All comments are my own and should not be construed to represent any one else
grant@bluemoon.UUCP (Grant DeLorean) (01/18/91)
dejesus@bourbon.ee.tulane.edu (Francisco X DeJesus) writes: >owned by root, group root, and read-only (permission: -r--r--r--). The >problem is that even with this setup the guest can delete them! What did >I miss? That the guest account owns the directory so can do what it wants in that directory... -- Grant DeLorean (grant@bluemoon) {n8emr|nstar}!bluemoon!grant
dejesus@bourbon.ee.tulane.edu (Francisco X DeJesus) (01/18/91)
Thanks to everyone who responded to my query so quickly. The general
consensus as to why this happens is because the user owns the directory and
has permission to write (thus make changes such as removing files) in it.
Some suggested using the 'sticky bit', but I see this is not implemented in
the Unix port I'm using. Therefore the best solution (pointed out to me by
several people) would be to have the guest's home dir owned by root without
permission for guest to write, and put in a subdirectory in which the guest
CAN make his changes. This allows the dot-files to be secure and still
permits the guest user to write (after putting a 'cd subdir' in the .login
for simplicity). Again, thanks to all who posted and emailed me...
--
___ / _______________________________ - Francisco X DeJesus
|- / \/ \\
' / /\ dejesus@bourbon.ee.tulane.edu \\__________________________
/ ak662@cleveland.freenet.edu ////////////////////////////