From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: Date: Tue, 1 Feb 2005 12:21:01 +0900 From: arisawa@ar.aichi-u.ac.jp To: 9fans@cse.psu.edu Subject: Re: [9fans] remove files in /srv In-Reply-To: <05b7ca7e8285696ad011d8d8b359dc20@orthanc.cc.titech.ac.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Topicbox-Message-UUID: 3b4c8512-eace-11e9-9e20-41e7f4b1d025 >Anyone can replace files in /srv. Bad things won't >happen if /srv/boot has been replaced by a malicious user? Try: term% cd /srv term% ls -ld /srv d-r-xr-xr-x s 0 arisawa arisawa 0 Oct 26 20:44 /srv term% ls -l --rw-rw-rw- s 0 arisawa arisawa 0 Oct 26 20:44 boot --rw-rw-rw- s 0 arisawa arisawa 0 Oct 26 20:44 cs --rw-rw-rw- s 0 arisawa arisawa 0 Oct 26 20:44 dns --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 dos --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 f --rw-rw-rw- s 0 arisawa arisawa 0 Oct 26 20:44 factotum --rw-rw-rw- s 0 arisawa arisawa 0 Oct 26 20:44 fossil --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 fscons --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 nfsserver.chat --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 pc --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 plumb.arisawa.199 --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 portmapper.chat --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 rio.arisawa.44 --rw------- s 0 arisawa arisawa 0 Oct 26 20:44 riowctl.arisawa.44 term% su alice su# rm boot rm: boot: permission denied su# echo bla | /srv/boot /srv/boot: permission denied su# cp fossil boot cp: can't create boot: srv file already exists su# Kenji Arisawa .