Tuesday, 27 March 2007

File permission problem

Dan just found a bug in 'rev 688' of FreeNAS:

Here are some commands entered by a simple user (not root, not in the wheel group):

> mount
/dev/md0 on / (ufs, local)
devfs on /dev (devfs, local)
/dev/raid5/BigDiskp1 on /mnt/big_share (ufs, local, soft-updates, acls)
/dev/ad0s1 on /cf (ufs, local, read-only)
> ls -alh
total 20501
drwxrwxrwx 3 root wheel 512B Mar 27 23:36 .
drwxrwxrwx 3 root wheel 512B Mar 27 23:33 ..
drwxrwxr-x 2 root operator 512B Mar 26 23:54 .snap
-rw------- 1 root wheel 20M Mar 27 23:36 swap_file
> rm swap_file
override rw------- root/wheel for swap_file? y
> ls -alh
total 5
drwxrwxrwx 3 root wheel 512B Mar 27 23:55 .
drwxrwxrwx 3 root wheel 512B Mar 27 23:33 ..
drwxrwxr-x 2 root operator 512B Mar 26 23:54 .snap

Yes... a simple user can delete a '600' file!
Then I tried with a system file:

> ls -alh /var/etc/master.passwd
-rw------- 1 root wheel 899B Mar 27 23:36 /var/etc/master.passwd
> rm /var/etc/master.passwd
override rw------- root/wheel for /var/etc/master.passwd? y
rm: /var/etc/master.passwd: Permission denied

Now I must find the difference between these two files...
Why can I delete the swap_file?

1 comment:

Volker said…

It seems that the directory permission is the reason for this problem.

/mnt> ls -alh
total 4
drwxrwxrwx 3 root wheel 512B Mar 27 14:37 .
drwx--x--x 18 root wheel 512B Mar 27 14:19 ..
drwxrwxrwx 5 root wheel 512B Mar 27 17:03 Data

/var> ls -alh
total 10
drwxr-xr-x 6 root wheel 512B Mar 27 16:56 etc
...

If I change /mnt/Data to 755, I'm not able to delete the swap_file anymore.

The bad thing is that I'm not able to do anything anymore :-(
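
Added example, not part of the original post or of Volker's comment: removing a file is a write to its parent directory, so a 600 file inside a drwxrwxrwx directory can be unlinked by anyone, while the sticky bit (mode 1777, as on /tmp) restricts removal to the file's owner, the directory's owner and root without closing the share. The function names below are made up for this sketch, and it inspects mode bits only, not ACLs.

```shell
#!/bin/sh
# Added example (assumed helper names, not FreeNAS code).
# Limitation: only classic mode bits are checked; ACLs are ignored.

# exposed_dir DIR
# Succeeds if DIR is world-writable and lacks the sticky bit, i.e. any
# local user may unlink or rename the entries it contains.
exposed_dir() {
    [ -n "$(find "$1" -maxdepth 0 -type d -perm -0002 ! -perm -1000 2>/dev/null)" ]
}

# deletable_by_anyone FILE
# Succeeds if FILE can be removed by any user. The file's own mode is
# never consulted: only its parent directory decides.
deletable_by_anyone() {
    exposed_dir "$(dirname -- "$1")"
}

# audit_tree ROOT
# Prints every exposed directory below ROOT, staying on one filesystem.
audit_tree() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# When run with a path argument, audit that tree, e.g.:  sh audit.sh /mnt
if [ "$#" -gt 0 ]; then
    audit_tree "$1"
fi
```

Any directory this prints can be fixed with `chmod +t` when users must keep write access, or with 755 when they must not.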