On Fri, 12 Jun 1998, Steve Mayer wrote: > I noticed this on my one remaining bo machine. Hamm seems to have > taken care of this bug. > > G. Kapetanios wrote: > > > > Following to my previous email I have to say some things. > > > > the /boot directory in my machine is > > > > drwxrwsr-x 2 root disk 2048 Jun 12 17:58 boot > > the user who can do that belongs to the disk group but the file which was > > deleted (/boot/vmlinuz.2.0.0) does not belong to the disk group it is > > root.root So obviously although I hadn;t realised that before if a group > > you belong to owns a directory which is writable by the group you can > > delete stuff from it without owning > > the files and without belonging to the group which owns the files. Is this > > safe ?? More importantly I don't know if this is a bug of the installation > > procedure about 1 1/2 years ago but the permission to /boot were set by > > that procedure and I never changed them. I know users should not probably ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > belong to group disk but I could have damaged my system really bad if I ^^^^^^^^^^^^^^^^^^^^^^^^ > > had no spare kernels. I guess I must remove the user from the disk group > > as soon as possible. > > > > By the way why is /boot writable by the group disk?
I don't know the "correct" permissions for /boot files, but in terms of security, protecting them from disk-group users will be quite ineffective: the disk group has write permission for raw disk devices. The point about who can delete files in a directory is of course covered in the FAQ under IIRC "I've discovered a HUGE security hole in rm!". Cheers, -- Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151 Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]