[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: Re: Re: SSI Vuln on cobalt
- Subject: Re: [cobalt-security] Re: Re: Re: SSI Vuln on cobalt
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Apr 2002 11:55:20 -0400
- Organization: Front Street Networks LLC
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tuesday 23 April 2002 11:09 am, Chris Adams wrote:
> Once upon a time, Michael Stauber <cobalt@xxxxxxxxxxxxxx> said:
> > > Since they own the directory (and have to, to create files), they can
> > > remove any .htaccess file root creates.
> >
> > Actually: Who owns a directory doesn't affect the file permissions and
> > file ownerships of anything within the directory.
>
> Actually, you are wrong. It does affect who can create and remove files
> in that directory.
>
Chris is correct, I know it doesn't seem logical, but the owner of a directory
can delete files owned by root, regardles of permissions....
It's the directory ownership that rules....
--
Gerald Waugh : Registered Linux user # 255245
http://www.frontstreetnetworks.com
Front Street Networks LLC - ph. 203.785.0699
229 Front Street, Ste. #C, New Haven, CT, United States of America
11:53am up 32 days, 19:20, 3 users, load average: 1.64, 1.71, 1.76