Re: Permissions on /root/

To: Christian Jaeger <christian.jaeger@ethlife.ethz.ch>
Cc: debian-security@lists.debian.org
Subject: Re: Permissions on /root/
From: "Stefan Neufeind" <stefan@neufeind.net>
Date: Sat, 08 Mar 2003 20:23:34 +0100
Message-id: <[🔎] 3E6A5146.23880.239D5CE@localhost>
In-reply-to: <p04320407ba8fc7521d85@[192.168.3.11]>
References: <[🔎] 20030308110213.GB11749@heimdall.wolfheart.ro>

On 8 Mar 2003 at 17:40, Christian Jaeger wrote:

> At 13:02 Uhr +0200 08.03.2003, Birzan George Cristian wrote:
> - You should also be aware that a 0700 directory does not protect you
> if you are moving another directory from outside to inside, since
> users who have already chdir'd into it remain inside it. (Example:
>    root:                    anybody:
>      chmod 0700 /root
>      # root feels safe
>      mkdir /blah
>                               chdir /blah
>      mv /blah /root
>      # root thinks "ok now blah is safe"
>      cd /root/blah
>      cat > info
>      (enter sensitive info, Ctl-D)
>                               cat info
>                               (looks at info)

why is he allowed to use "mv /blah /root"? /root is write-protected 
so why could he move blah inside of it?

Reply to:

Follow-Ups:
- Re: Permissions on /root/
  - From: Christian Jaeger <christian.jaeger@ethlife.ethz.ch>

References:
- Permissions on /root/
  - From: Birzan George Cristian <ymir@wolfheart.ro>
- Re: Permissions on /root/
  - From: Christian Jaeger <christian.jaeger@ethlife.ethz.ch>

Prev by Date: Re: Permissions on /root/
Next by Date: Re: Permissions on /root/
Previous by thread: Re: Permissions on /root/
Next by thread: Re: Permissions on /root/
Index(es):
- Date
- Thread