Paranoid Penguin - Linux Filesystem Security, Part II
Last time, we looked at file and directory permissions from the ground up—what users and groups are and how to set and remove read, write and execute permissions on files and directories. In this column, we look at some more advanced types of permissions, explore permission numeric modes and the command umask and see how to delegate root's authority with su and sudo. This article contains more intermediate-level information than last month's, but hopefully it should make sense, even if all you know about permissions is what you read here last time.
Recall last month's long listing of the extreme_casseroles/ directory:
drwxr-x--- 8 biff drummers 288 Mar 25 01:38 extreme_casseroles
Recall also that we set the group permissions on this directory to r-x, that is, group-readable and group-executable, so that our fellow members of the drummers group could enter this directory and enjoy the recipes stored therein.
Suppose that our drummer friend Biff wants to allow his fellow drummers not only to read his recipes but to add their own as well. As we saw last time, all he needs to do is set the group-write bit for this directory, like this:
chmod g+w ./extreme_casseroles
There's only one problem with doing that, however. Write permissions include both the ability to create new files in this directory and also to delete them. What's to stop one of his drummer pals from deleting other people's recipes? The sticky bit, that's what.
In olden times, the sticky bit was used to write a file (program) to memory so it would load more quickly when invoked. On Linux, however, it serves a different function. When you set the sticky bit on a directory, it limits people's ability to delete things in that directory. That is, to delete a given file in the directory you either must own that file or own the directory, even if you belong to the group that owns the directory and group-write permissions are set on it.
To set the sticky bit, issue the command:
chmod +t directory_name
In our example, this would be chmod +t extreme_casseroles. If we now do a long listing of the directory itself, by using ls with the -d option to list the directory's permissions rather than its contents, that is, ls -ld extreme_casseroles, we see:
drwxrwx--T 8 biff drummers 288 Mar 25 01:38 extreme_casseroles
Notice the T at the end of the permissions. We'd normally expect to see either x or - there, depending on whether the directory is other-writable. The T denotes that the directory is not other-executable and has the sticky bit set. A lowercase t would denote that the directory is other-executable and has the sticky bit set.
To illustrate what effect this restriction has, suppose a listing of the contents of extreme_casseroles/ looks like Listing 1.
Listing 1. Contents of extreme_casseroles/
drwxrwxr-T 3 biff drummers 192 2004-08-10 23:39 . drwxr-xr-x 3 biff drummers 4008 2004-08-10 23:39 .. -rw-rw-r-- 1 biff drummers 18 2004-07-08 07:40 chocolate_turkey_casserole.txt -rw-rw-r-- 1 biff drummers 12 2004-08-08 15:10 pineapple_mushroom_surprise.txt drwxr-xr-x 2 biff drummers 80 2004-08-10 23:28 src
Suppose further that the user crash tries to delete the file pineapple_mushroom_surprise.txt, which crash finds offensive. crash expects this to work, because he belongs to the group drummers and the group-write bit is set on this file. Remember, though, that biff set the parent directory's sticky bit. Therefore, crash's attempted deletion fails, as we see in Listing 2.
Listing 2. Attempting Deletion with Sticky Bit Set
crash> rm pineapple_mushroom_surprise.txt rm: cannot remove `pineapple_mushroom_surprise.txt': Operation not permitted
One more note on the sticky bit: it only applies to the directory's first level downward. In Listing 1, you may have noticed that besides the two nasty recipes, extreme_casseroles/ also contains another directory, src. The contents of src will not be affected by extreme_casseroles' sticky bit, although the directory src itself is. If biff wants to protect src's contents from group deletion, he needs to set src's own sticky bit.
Practical Task Scheduling Deployment
One of the best things about the UNIX environment (aside from being stable and efficient) is the vast array of software tools available to help you do your job. Traditionally, a UNIX tool does only one thing, but does that one thing very well. For example, grep is very easy to use and can search vast amounts of data quickly. The find tool can find a particular file or files based on all kinds of criteria. It's pretty easy to string these tools together to build even more powerful tools, such as a tool that finds all of the .log files in the /home directory and searches each one for a particular entry. This erector-set mentality allows UNIX system administrators to seem to always have the right tool for the job.
Cron traditionally has been considered another such a tool for job scheduling, but is it enough? This webinar considers that very question. The first part builds on a previous Geek Guide, Beyond Cron, and briefly describes how to know when it might be time to consider upgrading your job scheduling infrastructure. The second part presents an actual planning and implementation framework.
Join Linux Journal's Mike Diehl and Pat Cameron of Help Systems.
Free to Linux Journal readers.View Now!
|The Firebird Project's Firebird Relational Database||Jul 29, 2016|
|Stunnel Security for Oracle||Jul 28, 2016|
|SUSE LLC's SUSE Manager||Jul 21, 2016|
|My +1 Sword of Productivity||Jul 20, 2016|
|Non-Linux FOSS: Caffeine!||Jul 19, 2016|
|Murat Yener and Onur Dundar's Expert Android Studio (Wrox)||Jul 18, 2016|
- Stunnel Security for Oracle
- The Firebird Project's Firebird Relational Database
- Murat Yener and Onur Dundar's Expert Android Studio (Wrox)
- SUSE LLC's SUSE Manager
- Managing Linux Using Puppet
- My +1 Sword of Productivity
- Google's SwiftShader Released
- Non-Linux FOSS: Caffeine!
- Doing for User Space What We Did for Kernel Space
- SuperTuxKart 0.9.2 Released
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide