[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mess with files that you are not allowed to touch

Tong Sun wrote:

It never occurs to me that I am able to mess with
files that I'm not allowed
to touch, but watch this:

$ echo good > safe

$ chmod a-w safe

$ cat safe

$ ln safe unsafe

$ chmod a+w unsafe

$ echo bad > unsafe

$ cat safe

I.e., I am able to change the content of the file that
is read only to me.

So, I am start to wondering, what mechanism will
prevent me from doing
something more bad to this, e.g., change system files
that I'm not allowed
to touch?


But, you see, you changed the permissions on the file to allow you to write it. But, then, I guess you don't see it, so let me explain ...

Files on disk are an inode with all file meta-data *except* the file name. This includes file permissions and ownership. The inode points to the data blocks used by the file.

A directory contains a list of file names and associated inodes. Think of the inode number as an "address" (in a general sense, like your home address).

When you use the 'ln' command the way you did, you create what's called a hard link. What this does is make a new name in some directory (it must be in the same file system as the original file) and puts the same address there as is used by the original file. You now have two different names pointing to the same inode number. Think of this like having two people living at the same address.

When you changed the permissions on "unsafe", the values stored in the inode are what changed, and it's the same location as for the file referenced through "safe". So, if you did an 'ls -l safe unsafe', you'd see the same permissions for both, which means you literally made 'safe' be 'unsafe'.

This has nothing to do with your ability to change system files. What controls changing them is the actual ownership of the file. For these files, you are usually in the group category 'other', for whom access is controlled by the third set of permission values you see in the long listing. So a file with 'rw-r--r--' can be written by the owner (as can any link to it) but you aren't the owner (unless you used some mechanism to become root - su, sudo, login as root, setuid program).

I'd strongly encourage you to get a basic introductory text on UNIX or Linux, to learn about how these things work.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply to: