
Re: vim



On Thu, 15 Nov 2012 14:35:54 +0100
Ralf Mardorf <ralf.mardorf@alice-dsl.net> wrote:

> On Thu, 15 Nov 2012 05:18:52 -0800
> james gray <kmzftq@gmail.com> wrote:
> 
> > i am just wondering.
> > 
> > why would vim be slapped around thru many links just to come back to
> > its original file path origin without write privileges to the end
> > usr who is not root.
> > 
> > 
> > path = /usr/local/bin, usr/bin, /bin, usr/local/game
> > 
> > 
> > which vim
> > 
> > /usr/bin/vim
> > 
> > 
> > ls -l /usr/bin/vim
> > 
> > lrwxrwxrwx -> etc/alternatives/vim
> > 
> > 
> > ls -l etc/alternatives/vim
> > 
> > lrwxrwxrwx -> /usr/bin/vim.basic
> > 
> > 
> > ls -l /usr/bin/vim.basic
> > 
> > -rwxr-xr-x
> > 
> > 
> > are there programming or script conditionals placed on vim by vim
> > being passed through each different directory environment ?.
> > 
> > 
> > is there a foreseeable security issue coming from the programmers
> > view point, to have vim.basic with its file access as they are
> > root root rwxr-xr-x.
> > 
> > Or
> > 
> > can the end usr mutilate the file access and group of vim.basic and
> > change to:
> > 
> > root admin rwxrwx---
> > 
> > 
> > Thank you
> 
> Softlinks always are rwxrwxrwx and all applications a normal user and
> superuser can use are r-xr-x for the group and for the others, since
> only root should be allowed to delete or write to your system. If you
> are editing a file, the permissions of the editor are irrelevant. What
> counts are the permissions of the file the user wants to edit.
> 
> Simply test what happens, if a user tries to change permissions for
> the original file and what happens if a user tries to delete a
> softlink, just "touch" some test-file and "ln -s" some test-links and
> do this in directories with different permissions.
> 
> Regards,
> Ralf

PS:

$ sudo mkdir test_1 test_2

$ ls -hAl | grep test
drwxr-xr-x  2 root       root       4.0K Nov 15 14:37 test_1
drwxr-xr-x  2 root       root       4.0K Nov 15 14:37 test_2

$ sudo touch test_2/test.app

$ sudo ln -s test_2/test.app test_1/test.link

$ ls -hAl test_1
total 0
lrwxrwxrwx 1 root root 15 Nov 15 14:49 test.link -> test_2/test.app

$ ls -hAl test_2
total 0
-rw-r--r-- 1 root root 0 Nov 15 14:42 test.app

$ rm test_1/test.link
rm: cannot remove `test_1/test.link': Permission denied

$ chmod u-rwx test_1/test.link
chmod: cannot operate on dangling symlink `test_1/test.link'

$ sudo chmod u-rwx test_1/test.link
chmod: cannot operate on dangling symlink `test_1/test.link'
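
The test from the PS, reworked as an added example that is not part of the original message: it runs without sudo in a private temporary directory and shows why `test_1/test.link` came out dangling and what chmod does through a link that does resolve. The names `dangling.link` and `good.link` and the helper functions are constructed for this illustration; `stat -c` assumes GNU coreutils on Linux.

```shell
#!/bin/sh
# Added example with constructed file names; everything lives in a temp dir.

# Octal mode of the path itself (GNU stat does not follow symlinks by default).
mode_of() { stat -c '%a' "$1"; }

# Succeeds only if the path, after following symlinks, exists.
resolves() { [ -e "$1" ]; }

demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/test_1" "$d/test_2"
    touch "$d/test_2/test.app"
    chmod 644 "$d/test_2/test.app"

    # Same target string as in the PS. A relative target is resolved from the
    # directory that holds the link, so this points at
    # test_1/test_2/test.app, which does not exist: a dangling symlink.
    ln -s test_2/test.app "$d/test_1/dangling.link"

    # Target written relative to the link's own directory: this one resolves.
    ln -s ../test_2/test.app "$d/test_1/good.link"

    resolves "$d/test_1/dangling.link" && dangling=no || dangling=yes
    resolves "$d/test_1/good.link" && good=yes || good=no

    # Mode bits of the link itself: always 777 on Linux, never consulted
    # when deciding who may read or write the target.
    link_mode=$(mode_of "$d/test_1/good.link")

    # chmod follows the link: the target's mode changes, the link's does not.
    chmod 600 "$d/test_1/good.link"
    target_mode=$(mode_of "$d/test_2/test.app")
    link_after=$(mode_of "$d/test_1/good.link")

    rm -rf "$d"
    echo "dangling=$dangling good=$good link=$link_mode target=$target_mode link_after=$link_after"
}

demo
```

Removing a link is governed by write permission on the directory that contains it, which is why `rm test_1/test.link` was denied in the root-owned `test_1` above.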

