Originally Posted by
michy99
When you say that all users have access to the root folder, are you talking about / or /root? If you mean / then all users should have read and execute rights, but not write rights. What is the output of
Michy99,
Thanks for chipping in.
This is beginning to ring bells now. I remember being astonished that users can roam around the Ubuntu file system at will before... It would never happen on my OSX box but let's not go there...
Edit: I take this back!! It is possible. I definitely can't see inside another user's folders inside their home folders though, let alone open a document.
ls -l / gives me
Code:
rwxr-xr-x 2 root root 4096 2009-07-10 08:21 bin
drwxr-xr-x 4 root root 4096 2009-07-10 08:20 boot
lrwxrwxrwx 1 root root 11 2009-07-10 08:04 cdrom -> media/cdrom
drwxr-xr-x 16 root root 3960 2009-07-10 10:28 dev
drwxr-xr-x 124 root root 4096 2009-07-10 10:28 etc
drwxr-xr-x 4 root root 4096 2009-07-10 10:11 home
lrwxrwxrwx 1 root root 33 2009-07-10 08:20 initrd.img -> boot/initrd.img-2.6.28-11-generic
drwxr-xr-x 19 root root 4096 2009-07-10 08:21 lib
drwx------ 2 root root 16384 2009-07-10 08:03 lost+found
drwxr-xr-x 4 root root 4096 2009-04-20 14:59 media
drwxr-xr-x 2 root root 4096 2009-04-13 10:33 mnt
drwxr-xr-x 2 root root 4096 2009-04-20 14:59 opt
dr-xr-xr-x 125 root root 0 2009-07-10 09:32 proc
drwx------ 4 root root 4096 2009-07-10 09:32 root
drwxr-xr-x 2 root root 4096 2009-07-10 08:21 sbin
drwxr-xr-x 2 root root 4096 2009-03-06 16:21 selinux
drwxr-xr-x 2 root root 4096 2009-04-20 14:59 srv
drwxr-xr-x 12 root root 0 2009-07-10 09:32 sys
drwxrwxrwt 19 root root 4096 2009-07-10 10:28 tmp
drwxr-xr-x 11 root root 4096 2009-04-20 15:00 usr
drwxr-xr-x 15 root root 4096 2009-04-20 15:07 var
lrwxrwxrwx 1 root root 30 2009-07-10 08:20 vmlinuz -> boot/vmlinuz-2.6.28-11-generic
I confess to being a newb and knowing next to nothing about this but to my mind only
/root and /lost+found have the correct permissions. No?
This may be as it should, and I find it incredible in itself, but the permissions in my home folder
Code:
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Desktop
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Documents
-rw-r--r-- 1 myname myname 357 2009-07-10 08:17 examples.desktop
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Music
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Pictures
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Public
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Templates
drwxr-xr-x 2 myname myname 4096 2009-07-10 08:56 Videos
seem to allow any other user to access all my files.
I have just tested this by creating a test user and saving a test file on my own desktop. The test user can open and read the document when logged in to their own account.
This is on a fresh install of Jaunty, installed since my first post to make *triply* sure everything is formatted as ext3.
How can this happen? What is the permanent fix?
Isn't it a security risk to allow all users access, in any way, to the root file system? It gives me a heads-up as to username/password for a start...
I'm sure this is user error but I'm still astonished/intrigued...
Help please!!
Simon
Bookmarks