I just noticed on my Ubuntu machine (ext3 filesystem) that removing write permissions from a file does not keep root from writing to it.
Is this a general rule of UNIX file permissions? Or specific to Ubuntu? Or a misconfiguration on my machine?
    # touch abc
    # chmod ugo-w abc
    # python
    Python 2.6.4 (r264:75706, Dec 7 2009, 18:45:15)
    [GCC 4.4.1] on linux2
    Type "help", "copyright", "credits" or "license" for more information.
    >>> open('abc','w').write('AAA\n')
    >>>
    # cat abc
    AAA
Writing to the file fails (as expected) if I do this from my normal user account.
Is this normal behavior?
Is there a way to prevent root from accidentally writing to a file? (Preferably using normal filesystem mechanisms, not AppArmor, etc.)
Please teach me about something that I most definitely don't understand.
NOTE: I understand that root has total control over the system and can, e.g., change the permissions on any file. My question is whether currently set permissions are enforced on code running as root. The idea is the root user preventing her/himself from accidentally writing to a file.
NOTE: I also understand that one should not be logged in as root for normal operations. I just noticed this behavior and am asking you about it.
@brice: many thanks. directly addresses my question. didn't know about chattr. – laramichaels – 2010-02-03T00:31:09.937
My system seems to need root access to run chattr. Is there a user-mode means of setting such attributes? – quack quixote – 2010-02-03T00:34:40.087
... although it is a great answer to the question, "can root protect a file so well even He cannot delete it"! – quack quixote – 2010-02-03T00:36:11.737
@~quack: well, the experience I describe above works as expected when running as a non-root user. I.e., just use chmod -w on the file to avoid overwriting its contents and chmod -w on the dir that contains it to avoid unlinking the file. Hope that helps! – laramichaels – 2010-02-03T01:18:57.940
More accurately (in the case of Linux, anyway), root has the CAP_DAC_OVERRIDE capability allowing him to ignore ACLs and permissions. – user1686 – 2010-02-03T17:38:03.790
FYI, the equivalent of this on OS X is sudo chflags <s|u>chg <file> to make it immutable for the system or user, respectively, and sudo chflags no<s|u>chg <file> for unsetting the immutable flag for the system or user, respectively. – GDP2 – 2016-09-21T22:31:41.403
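As an added illustration (not from the question or any of its answers), here is a Python 3 script that reads the effective capability set from /proc/self/status and models the kernel's discretionary write check, so you can see why the mode bits did not stop root in the session above. It is a simplified model that ignores POSIX ACLs, the immutable attribute and read-only mounts; the file name abc is the one from the question.

```python
import os
import stat
import sys

# Capability bit numbers from <linux/capability.h>.
CAP_DAC_OVERRIDE = 1       # bypass file read/write/execute mode-bit checks
CAP_LINUX_IMMUTABLE = 9    # needed to set or clear the immutable (chattr +i) flag


def effective_caps(status_text):
    """Parse the CapEff line of a /proc/<pid>/status dump into an int bitmask."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return int(line.split()[1], 16)
    raise ValueError("no CapEff line found")


def has_cap(caps, bit):
    return bool((caps >> bit) & 1)


def dac_allows_write(mode, file_uid, file_gid, uid, gids, caps):
    """Simplified model of the discretionary write check on a regular file.

    Only the mode bits and CAP_DAC_OVERRIDE are modelled (no ACLs, no
    immutable flag, no read-only mounts).  The immutable flag, by contrast,
    is enforced regardless of capabilities; clearing it needs CAP_LINUX_IMMUTABLE.
    """
    if has_cap(caps, CAP_DAC_OVERRIDE):
        return True                      # this is why 'chmod ugo-w' did not stop root
    if uid == file_uid:                  # owner class applies even if it is the most restrictive
        return bool(mode & stat.S_IWUSR)
    if file_gid in gids:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)


def explain_write(path):
    """Report whether the mode bits on `path` will be enforced on this process (Linux only)."""
    with open("/proc/self/status") as f:
        caps = effective_caps(f.read())
    st = os.stat(path)
    gids = [os.getegid()] + os.getgroups()
    allowed = dac_allows_write(st.st_mode, st.st_uid, st.st_gid, os.geteuid(), gids, caps)
    return "%s: write %s (mode %o, CAP_DAC_OVERRIDE=%s)" % (
        path, "allowed" if allowed else "denied",
        stat.S_IMODE(st.st_mode), has_cap(caps, CAP_DAC_OVERRIDE))


if __name__ == "__main__":
    print(explain_write(sys.argv[1] if len(sys.argv) > 1 else "abc"))
```

Run it once as your normal user and once under sudo against the chmod'ed file to see the two verdicts differ only because of the capability bit.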