Re: user can delete kernel images (cont)
G. Kapetanios wrote:
>
> Following to my previous email I have to say some things.
>
> the /boot directory in my machine is
>
> drwxrwsr-x 2 root disk 2048 Jun 12 17:58 boot
> the user who can do that belongs to the disk group but the file which was
> deleted (/boot/vmlinuz.2.0.0) does not belong to the disk group it is
> root.root So obviously although I hadn;t realised that before if a group
> you belong to owns a directory which is writable by the group you can
> delete stuff from it without owning
> the files and without belonging to the group which owns the files. Is this
> safe ?? More importantly I don't know if this is a bug of the installation
> procedure about 1 1/2 years ago but the permission to /boot were set by
> that procedure and I never changed them. I know users should not probably
> belong to group disk but I could have damaged my system really bad if I
> had no spare kernels. I guess I must remove the user from the disk group
> as soon as possible.
>
> By the way why is /boot writable by the group disk?
>
> Sorry for the long email
> George
>
On my hamm (clean install from v2.0 install disks) system /boot is:
drwxr-xr-x 2 root root 1024 Jun 10 14:14 boot
--
Ed
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: