UNIX File Permissions Questions

Discuss the security implications of the various flavors of Linux and UNIX

Post by vaporware on Sat Jun 05, 2010 7:23 pm

A couple of questions:

I noticed that when I insert a thumbdrive, my system sets the owner of the files on said drive to owner "user" (being whatever user I'm logged in as) and the group to "root". So if I had a program with the setgid bit enabled on this thumbdrive, created from some other computer, wouldn't this allow the user to run this program with the privileges of the root group? And, in doing so, wouldn't this compromise security? Don't all users in the "root" group have superuser privileges?

Or, would the system simply ignore any setuid/setgid for any files located on the drive? Speaking of which, I'm wondering where the system is storing file permission data for these files in the first place, especially for NTFS volumes (I have a dual boot setup with either Windows or Linux); obviously Windows isn't setting aside a place for them! I suppose what I'm trying to ask is, are these attributes stored in the file record themselves or in some type of central repository that determines what permissions each file has?
"As I did 20 years ago, I still fervently believe that the only way to make software secure, reliable, and fast is to make it small. Fight Features."

-Andrew S. Tanenbaum (Author of MINIX)

Re: UNIX File Permissions Questions

Post by msbachman on Sat Jun 05, 2010 9:36 pm

I'll take a stab at this. You asked:

"are these attributes stored in the file record themselves or in some type of central repository that determines what permissions each file has"

AFAIK, your system determines how it treats anything it mounts. A good place to see this is in the /etc/fstab, which should be present across all Linux distributions. There's absolutely no respect by the local system for files created by the root user of another system--you can change and wipe them as easily as if you yourself owned them.

I'm no expert in the fstab, never had much of an inclination to learn the ins and outs, but therein is your answer. It lists who can mount what and when. And I think what happens is that if you're attempting to mount something that is not present in the fstab, you need super-user permissions, which is likely where the "root" group comes into play.

Hopefully that helps, don't take anything I say as gospel but I think this will point you in the right direction.
"I'm going to get into your sister. I'm going to get my hands on your daughter."
~Gatito

Re: UNIX File Permissions Questions

Post by d3v11 on Sat Oct 30, 2010 3:59 pm

The answer to your question is no, this is not a security risk. Even if the program belonged to "root", the program will still have to be executed by "root" to obtain those privileges. Otherwise the program will only execute with the privileges that pertain to the user who executed it.
"The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable." - Sun Tzu
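An added example (not written by any poster in this thread) for the two questions raised above: it reads fstab-style entries and reports, per mount point, whether setuid/setgid bits would be honored and whether file ownership comes from mount options rather than from the disk. The entries are constructed placeholders, and the option handling follows mount(8).

```python
# Added example: which fstab entries let setuid/setgid bits take effect?
# Sample entries are constructed; device names and mount points are placeholders.
SAMPLE_FSTAB = """\
# <device>   <mountpoint>   <type>  <options>                     <dump> <pass>
/dev/sda2    /              ext4    defaults                      0 1
/dev/sdb1    /media/usb     vfat    user,noauto,uid=1000,gid=0    0 0
/dev/sdc1    /media/stick   ext4    user,noauto,suid,exec         0 0
/dev/sda1    /mnt/windows   ntfs    defaults,gid=0,umask=022      0 0
/dev/sdd1    /media/safe    ext4    rw,noauto,nosuid,nodev        0 0
"""

# Option -> effect on the tracked flags, per mount(8).
# user/users/owner/group imply nosuid unless a later option overrides it.
EFFECTS = {
    "defaults": {"suid": True, "user_mount": False},
    "suid": {"suid": True},
    "nosuid": {"suid": False},
    "user": {"suid": False, "user_mount": True},
    "users": {"suid": False, "user_mount": True},
    "owner": {"suid": False, "user_mount": True},
    "group": {"suid": False, "user_mount": True},
    "nouser": {"user_mount": False},
}
# Types that by default carry no on-disk Unix owner/mode: the driver
# synthesizes them from uid=/gid=/umask= at mount time.
SYNTHESIZED = {"vfat", "msdos", "exfat", "ntfs", "ntfs-3g"}

def audit_fstab(text):
    results = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        device, mountpoint, fstype, options = fields[:4]
        state = {"suid": True, "user_mount": False}  # suid is the default
        for opt in options.split(","):  # later options override earlier ones
            state.update(EFFECTS.get(opt, {}))
        results.append({
            "mountpoint": mountpoint,
            "suid_honored": state["suid"],
            "user_mountable": state["user_mount"],
            "perms_from_mount_options": fstype in SYNTHESIZED,
        })
    return results

if __name__ == "__main__":
    for r in audit_fstab(SAMPLE_FSTAB):
        flag = "REVIEW" if r["suid_honored"] and r["mountpoint"] != "/" else "ok"
        print(f"{flag:6} {r}")
```

Mounts that are already active, including ones a desktop auto-mounter created outside fstab, list their effective options in /proc/mounts. The implied nosuid from user/owner/group is an fstab convention, so in /proc/mounts look for nosuid literally.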


