Change owner of file without being root

0

I suggest that I have a log file with 666 permission and its owner is alice. So user 'bob' can change its owner by this:

cp log log.temp; rm log; mv log.temp log

So how can I fix this risk?

hienbuithanh88

Posted 2013-01-09T03:47:00.183

Reputation: 101

Put its ownership as 600? – hd1 – 2013-01-09T03:54:06.830

2'bob' can do that only if he has write permissions for the directory containing the file. – Andrey Voitenkov – 2013-01-09T08:34:58.977

Answers

1

As Andrey says above, bob can only do what you say if he has rights over the directory which contains the file. Just change the dir permissions to xx5 if you want bob to access but being unable to create new files.

from Understading UNIX permissions

Access permissions for files and folders mean different things from the user standpoint.

For Files

  • Read: If the file contents can be read
  • Write: If user or process can write to the file (change its contents)
  • Execute: If the file can be executed

For Directories

  • Read: If the directory listing can be obtained
  • Write: If user or process can change directory contents somehow: create new or delete existing files in the directory or rename files.
  • Execute: If user or process can access the directory, that is, go to it (make it to be the current working directory)

DrNoone

Posted 2013-01-09T03:47:00.183

Reputation: 1 267

Asked: 2013-01-09T03:47:00.183

Viewed: 1 242 times

Active: 2013-01-09T18:37:43.883