the power of being root
Tony Arnold
tony.arnold at manchester.ac.uk
Thu May 19 10:31:19 UTC 2005
On Tue, 2005-05-17 at 02:28 +0700, sn00bb0rn.linux gmail wrote:
> I am a newbie. I play with linux CLI now (using chmod and chown).
> It seems to me that if I am using su -as root- I can use all directories
> and files that I -by my own setting- not allowed. For instance I have
> set chown 700 to some files and folder as a normal user. I think it will
> prevent anyone else using it (even root). But when as root I can still
> read the content of thet file.
> My question is, is that a normal in *nix world ? I imagine how powerfull
> an computer administrator of a company will be. He can read *all
> sensitive data* that beyond his level. Please tell me, and point me
> where my understanding of this matter that was wrong. Sorry for the
> unproper English.
Yes, as others have already pointed out, your understanding is quite
correct and as you have realised operating as root cn be potentially
dangerous.
In normal *nix, it is all or nothing. root is all powerful, users are
not and there is nothing in between. Other systems have implemented a
variety of privileges that can be assigned to users and can control to a
degree how much power a user has. I'm thinking here of OpenVMS which has
up to 32 privileges. An example, is you can assign a privilege which
allows a users to read everyones files, but not to modify them. AN
operator running backups might need such a privilege.
Regards,
Tony.
--
Tony Arnold, IT Security Coordinator, University of Manchester,
Manchester Computing, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
More information about the ubuntu-users
mailing list