Can Linux file permissions be fooled?
Posted
by
puk
on Server Fault
See other posts from Server Fault
or by puk
Published on 2012-05-31T00:49:50Z
Indexed on
2012/05/31
4:42 UTC
Read the original article
Hit count: 563
I came across this example today and I wondered how reliable Linux file permissions are for hiding information
$ mkdir fooledYa
$ mkdir fooledYa/ohReally
$ chmod 0300 fooledYa/
$ cd fooledYa/
$ ls
>>> ls: cannot open directory .: Permission denied
$ cd ohReally
$ ls -ld .
>>> drwxrwxr-x 2 user user 4096 2012-05-30 17:42 .
Now I am not a Linux OS expert, so I have no doubt that someone out there will explain to me that this is perfectly logical from the OS's point of view. However, my question still stands, is it possible to fool, not hack, the OS into letting you view files/inode info which you are not supposed to? What if I had issued the command chmod 0000 fooledYa
, could an experienced programmer find some round about way to read a file such as fooledYa/ohReally/foo.txt
?
© Server Fault or respective owner