Re: Permissions on /root/

To: "Stefan Neufeind" <stefan@neufeind.net>
Cc: debian-security@lists.debian.org
Subject: Re: Permissions on /root/
From: Christian Jaeger <christian.jaeger@ethlife.ethz.ch>
Date: Sat, 8 Mar 2003 22:06:19 +0100
Message-id: <p04320401ba8ff431a87c@[192.168.3.11]>
In-reply-to: <[🔎] 3E6A5146.23880.239D5CE@localhost>
References: <[🔎] 20030308110213.GB11749@heimdall.wolfheart.ro> <[🔎] 3E6A5146.23880.239D5CE@localhost>

At 20:23 Uhr +0100 08.03.2003, Stefan Neufeind wrote:

On 8 Mar 2003 at 17:40, Christian Jaeger wrote:

 At 13:02 Uhr +0200 08.03.2003, Birzan George Cristian wrote:
 - You should also be aware that a 0700 directory does not protect you
 if you are moving another directory from outside to inside, since
 users who have already chdir'd into it remain inside it. (Example:

 >    root:                                   anybody:
 >    -------------------------------------   ---------------------
 >      chmod 0700 /root

      # root feels safe
      mkdir /blah
                                             chdir /blah
      mv /blah /root
      # root thinks "ok now blah is safe"
      cd /root/blah
      cat > info
      (enters sensitive info, Ctl-D)

 >                                             cat info
 >                                             (looks at info)

why is he allowed to use "mv /blah /root"? /root is write-protected
so why could he move blah inside of it?

It is *root* who is moving the dir. (Left side. I've increased thespace a bit.) And he (is root masculine?) is moving anybody rightinto the secret area at the same time.

Reply to:

References:
- Permissions on /root/
  - From: Birzan George Cristian <ymir@wolfheart.ro>
- Re: Permissions on /root/
  - From: "Stefan Neufeind" <stefan@neufeind.net>

Prev by Date: Re: Permissions on /root/
Next by Date: unsubscribe
Previous by thread: Re: Permissions on /root/
Next by thread: Re: Re: Permissions on /root/
Index(es):
- Date
- Thread