In <Pine.LNX.email@example.com>, Bret Busby wrote: >had set the permissions on the . file of his account, to 000, and, as >such, had made the . file on his account, completely inaccessible to >everyone, including the superuser, and, as the . file is the root of the >account, he had effectively made his account, totally inaccessible to >everyone, including the superuser. Outside of enhanced access controls like SELinux and AppArmor, processes with the euid of 0 ignore permission bits. Even if you chmod 000 a file on purpose, a superuser can chmod it to whatever they like, read the entire contents (and commit them to memory), replace the contents with half-truths about your love-life--basically whatever they want. >>From memory, it was on a SCO UNIX System V system, running on a LabTam While I haven't logged in to a SCO UNIX system, ever, I highly doubt that they would prevent the superuser from changing permissions on a file, even if it was chmod 000. -- Boyd Stephen Smith Jr. ,= ,-_-. =. firstname.lastname@example.org ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Description: This is a digitally signed message part.