|
|||||||||
|
|||||||||
| |||||||||
|
|
|
|
|||||||||||||||||||||||||||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Display Modes |
Web Development Archives Sponsor:
|
|
|
|
#1
April 29th, 2008, 01:39 AM
|
|||
|
|||
|
Unix Access
Hi,
I'm a bit new at this, so please bear with me. If I have a user, USER1, and his user ID is 523, and then there is the group USER1 with a group ID of 523. How come USER1 can change to all the other directories and see everyone's files? If he only belongs to his own group, shouldn't he be restricted to his home directory? What basic thing am I missing??? Thank you! John
|
|
#2
April 30th, 2008, 07:00 AM
|
|||
|
|||
|
Unix Access
A couple of ideas:
Search of directories (and cd to) are controlled by the x bit in the mode. Check the directory's go+rx setting, i.e., mode = rx.rx would give access to other group members or system wide. The match between uid for one user and gid for another is also suspicious. Fedora, for example, creates new users with matching uid and gid. If USER1's gid is ALS 523, putting both users in the same group, then directories/files with gid=523 and mode g+r. Linux and many other versions of UNIX support multiple groups: If I'm listed as a member of group 523, I'm a member of that group in addition to my default login group. See id(1). Mtek wrote: Hi, > I'm a bit new at this, so please bear with me. > If I have a user, USER1, and his user ID is 523, and then there is the group USER1 with a group ID of 523. > How come USER1 can change to all the other directories and see everyone's files? If he only belongs to his own group, shouldn't he be restricted to his home directory? > What basic thing am I missing??? > Thank you! > John
|
|
| Viewing: Web Development Archives > FAQs > Security > Unix Access |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
