Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Should world writeable files be owned by root?
- Thread starter strikelit
- Start date
It doesn't have to be a root owned! it can be any user! The world writeable permission is assigned to the file or the directory! so it is independent of the user in the case of being a wrold writeable! but if it is owned by another user, other than root, then this user will have the privilage to remove the world writeable permission from there coz he is the offical owner of the file!
Regards,
Khalid
Regards,
Khalid
RodKnowlton
MIS
- Apr 26, 2000
- 1,005
As a general security principle, files owned by root should not be world writeable. This is because there are types of files (scripts, executables, configuration) that root owns that shouldn't be modifiable by everyone, and it's simpler to have the general rule than to try to specify which could be security risks and which wouldn't.
Plus it's the security risk you don't know about that'll get you.
- Rod
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+
Wish you could view posts with a fixed font? Got Firefox & Greasemonkey? Give yourself the option.
Plus it's the security risk you don't know about that'll get you.
- Rod
IBM Certified Advanced Technical Expert pSeries and AIX 5L
CompTIA Linux+
CompTIA Security+
Wish you could view posts with a fixed font? Got Firefox & Greasemonkey? Give yourself the option.
- Status
Similar threads
- Locked
- Question