the power of being root

Tony Arnold tony.arnold at manchester.ac.uk
Thu May 19 10:31:19 UTC 2005


On Tue, 2005-05-17 at 02:28 +0700, sn00bb0rn.linux gmail wrote:

> I am a newbie. I play with linux CLI now (using chmod and chown).
> It seems to me that if I am using su -as root- I can use all directories 
> and files that I -by my own setting- not allowed. For instance I have 
> set chown 700 to some files and folder as a normal user. I think it will 
> prevent anyone else using it (even root). But when as root I can still 
> read the content of thet file.
> My question is, is that a normal in *nix world ? I imagine how powerfull 
> an computer administrator of a company will be. He can read *all 
> sensitive data* that beyond his level. Please tell me, and point me 
> where my understanding of this matter that was wrong. Sorry for the 
> unproper English.

Yes, as others have already pointed out, your understanding is quite
correct and as you have realised operating as root cn be potentially
dangerous.

In normal *nix, it is all or nothing. root is all powerful, users are
not and there is nothing in between. Other systems have implemented a
variety of privileges that can be assigned to users and can control to a
degree how much power a user has. I'm thinking here of OpenVMS which has
up to 32 privileges. An example, is you can assign a privilege which
allows a users to read everyones files, but not to modify them. AN
operator running backups might need such a privilege.

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
Manchester Computing, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold






More information about the ubuntu-users mailing list