[techtalk] Permissions

[Fan, Laurel]

Carolyn Jarie Getter, cgetter at mtholyoke.edu, said:
> I think I run into trouble mostly when my files are buried ten
> directories down a tree.  Okay, maybe not ten, but definitely down the
> tree.  Am I correct that to read, write or execute, say, three
> directories down a tree, I have to give read, write, and execute
> privileges to each of the directories in that tree? 
> That makes me a bit nervous.

No.  You do not need read and write on the directories above.  You only
need execute. Basically, for directories, read lets you ls, write lets
you create files, and execute lets you cd into it and get at anything
in it (or its subdirectories).

Example: 
> ls -l
total 24
drw-r--r--   2 user     group       8192 Jun 19 13:47 no_execute
d-wx--x--x   2 user     group       8192 Jun 19 13:48 no_read

For a directory with read permissions but no execute permissions,
I can ls it (read), but I cannot cd into it, or read files inside it,
even if I have read permissions on the file.

> ls no_execute/
file    subdir
> cd no_execute/
no_execute/: Permission denied.
> cat no_execute/file 
cat: cannot open no_execute/file

I also cannot cd to subdirectories.

> cd no_execute/subdir 
no_execute/subdir: Permission denied.

For a directory with execute permissions but no read permissions,
I can't ls it, but I can cd into it and read files in it.

> ls no_read/
no_read/: Permission denied
> cat no_read/file
stuff
>

I can also cd into subdirs (and ls them)
> cd no_read/subdir
> ls

You might want to try some of this yourself (on scratch files, of course)
to see what you can and cannot do (owner of the file can always change
permissions).

It's good that you're nervous about that.  Many security holes arise from
someone not being nervous enough, or ignoring their nervousness.

> The SUID bit has me a bit perplexed as well.  I swear that I have it set
> on the appropriate files, but I can't get whatever it is to function.
> Yesterday, I tried to get ppp working using SUID where I thought 
> necessary.  No cigars. Login as root and I get it running no sweat.
> Incredibly frustrating, that, especially when it happens nearly every
> time I try to install something!

(error messages and ls -l ing the appropriate files would be nice if you're
asking for help.. Nobody else can tell what's going on if you just say "It
doesn't work")

Last time I set up ppp it involved quite a few scripts and programs, you
may be missing a few.  But really, what's wrong with running it as root?
Even if nobody cracks root with it (which, iirc, would be fairly trivial
with my ppp; it would allow you to specify a program to run when the
connection went up or down), there are any number of fun (or for you, not
so fun) things that can be done with suid ppp, such as kill your connection,
make your modem call 1-900 numbers, get your isp password, etc. 

> Reading about the security problems bad permissions and SUID open up
> doesn't make it any easier!  I'm finding far too much of the
> documentation reads something like "There are some lamers who SUID on
> file LMNOP.  That is such a stupid and obvious security hole."  There
> is nothing said about what the lamer should be doing.  

IMO, many linux distributions are insecure enough as installed, but
I agree that the big flashing "DON'T EVER EVER DO THIS" is a bit
overused; it'd be far more useful to explain why.

Remember, every time you make something suid, you're just adding another
possible way to get root.  Generally, if you've got a suid executable,
and someone can make it (or any program it calls, or library it uses)
crash, or convince it to write over any executable, or essentially
do anything it wasn't exactly meant to do, they can get root.