From: wto@cbnewsg.cb.att.com (William T. O Connell) Subject: Re: 2 Linux ques. (read faq: Date: Thu, 28 Jan 1993 05:12:01 GMT
In article <728095509.AA36500@remote.halcyon.com> Randy.Edwards@f60.n128.z1.fidonet.org (Randy Edwards) writes:
< delete stuff >
>
>I might be doing wrong with the useradd command? I'm about ready to
>'rm' it and work up some scripts to do it all semi-manually...
I have my own shell script - so I don't have a good answer here.
> My second question is about file permissions and general file
>access.
>
>As root, I made a dummy file named 'test.fil' with an owner and group
>of 'root' and permissions of -rw-r--r--. Then, I logged in as a normal
>
>user and tried to rm the file. I get a 'permission denied' response,
>and the file remains intact. Great. Then, I immediately change
>directories to /etc and do a 'rm passwd'. To my surprise, I get a
>response of 'rm: remove 'passwd', overriding mode 0600?' So I type 'y'
>
>and the system deletes my password file. The password file was also
>owned by and in group 'root' and had permissions of -rw-------. What
>boggles me is why does the system allow me to delete one file, but not
>the other? (Remember, I did this logged in as a user, not as root.).
>To me, since I don't know what's going on, this gives me shudders and
>fears of system security. Can someone clue me in on what's happening
>here (and how I might prevent it)?
It appears that /etc's permissions are set as writable for 'others',
change it to read only.
- Bill O'Connell