HPE Community
Operating System - HP-UX
1837900 Members
3346 Online
110123 Solutions
New Discussion

Re: Users permissions

 
George_8
New Member

‎10-30-2000 03:17 AM

‎10-30-2000 03:17 AM

Users permissions

I work on an hp server with hpux 10.20.
Is it posible someone else (with the same group with me e.x. users) to change (write) my .profile.
Note : The .profile is -rwx------.
0 Kudos
Reply
8 REPLIES 8
CHRIS_ANORUO
Honored Contributor

‎10-30-2000 03:30 AM

‎10-30-2000 03:30 AM

Re: Users permissions

No, It is only superuser that can modify the file with that permission
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
John Palmer
Honored Contributor

‎10-30-2000 03:31 AM

‎10-30-2000 03:31 AM

Re: Users permissions

If your .profile is -rwx------ then only the owner (and root) has permissions to write to it.

Could it be that you have more than one user with the same id number - check /etc/passwd.

Regards,
John
0 Kudos
Reply
federico_3
Honored Contributor

‎10-30-2000 03:52 AM

‎10-30-2000 03:52 AM

Re: Users permissions

No, nobody can modify your .profile if the permissions are the ones you indicate.

federico



0 Kudos
Reply
Devbinder Singh Marway
Valued Contributor

‎10-30-2000 05:26 AM

‎10-30-2000 05:26 AM

Re: Users permissions

looking at your permissions , of your .profile rwx for user/owner of the file and nothing for the others or group will not be able to change your .profile. One thing you can check is the date stamp of the file and then do a last to find out which users were logged in at that particular time ( have you got a history file , you can check this to see if any commands which suggest the change of your .profile).

The other thing to note is the permissions of the home directory i.e. if you have 777 permisions , other users will be able to cd into your directory and create files .

Seek and you shall find
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎10-30-2000 06:58 AM

‎10-30-2000 06:58 AM

Re: Users permissions

Question to the responders,

what about if the other account had the (admittedly, highly unlikely) write permission on George's home directory?

Wouldn't that allow the other to at least delete (wonder if you can call this a modification) any file?

Or am I wrong?
Madness, thy name is system administration
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

‎10-30-2000 07:08 AM

‎10-30-2000 07:08 AM

Re: Users permissions

George & Ralph:

Yes, if the permissions on the directory were something like 77x, then another user could delete the profile and recreate it, and then 'chown' the ownership "away" to the directory's owner.

The way to circumvent this is to set the sticky bit on the directory. A better way is not to allow write access on directories that you don't have to do so!!!

...JRF...
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎10-30-2000 07:44 PM

‎10-30-2000 07:44 PM

Re: Users permissions

Unix mantra: You do not understand the permissions of a file until you understand the permissions of every parent directory.

File permissions control the CONTENT.

Directory permissions control the EXISTENCE.

Try this as an ordinary user:

cd /var/tmp
touch testfile
chmod 000 testfile
cat testfile
cat: Cannot open testfile: Permission denied
rm testfile

In fact, anyone can remove testfile because /var/tmp is 777 permissions (must be). As mentioned, the sticky bit can be set which then prevents the removal of a file when you are not the owner.

SO protection of the contents (not writable, perhaps not readable) has nothing to do with the file's existence. The directory permissions totally control add, remove, and rename actions.


Bill Hassell, sysadmin
0 Kudos
Reply
Madhu Sudhan_1
Respected Contributor

‎10-30-2000 10:41 PM

‎10-30-2000 10:41 PM

Re: Users permissions

One more way to understand File/Directory Permissions is "EVERYTHING IN UNIX IS TREATED AS A FILE" (couldn't make it bold, so highlighting with Capital letters), Like Devices, Directories etc.,. So You can only make changes to a directory file only when you have write permission. Directory file contains information about files, subdirectories with in it. The activities like deleting a file, renaming a file and moving a file and copying a file into a directory requires an entry in the directory file which requires a write permission.
Protect it with sticky bit on the directory which allows to have "w" permission on the directory and still only owner the file can delete the file.
Think Positive
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.