File and Directory Permissions, continued
When access requests are made by a process on behalf of a
subject (a user) for an object (a file),
the Unix kernel compares the
effective user- and group-id attributes of the process
against the permission mode bits of the file.
Of note, if the owner's permission bits of a file or directory are not set,
then the owner cannot access the object by virtue of the 'group'
or 'other' bits (can you think why?).
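The check described above can be modelled in a few lines of C. This is an added example, not part of the original lecture: the names select_class, access_permitted and WANT_R/W/X are hypothetical. It is a simplified model that ignores the superuser, supplementary groups and ACLs. It shows that the kernel picks exactly one class of bits (owner, else group, else other) and never falls through to a later class.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

#define WANT_R 4
#define WANT_W 2
#define WANT_X 1

typedef enum { CLASS_OWNER, CLASS_GROUP, CLASS_OTHER } perm_class;

/* Exactly one class of bits is consulted: the first that matches. */
perm_class select_class(uid_t euid, gid_t egid, uid_t file_uid, gid_t file_gid)
{
    if (euid == file_uid) return CLASS_OWNER;
    if (egid == file_gid) return CLASS_GROUP;
    return CLASS_OTHER;
}

/* Simplified model: no superuser, supplementary groups or ACLs. */
bool access_permitted(mode_t mode, uid_t file_uid, gid_t file_gid,
                      uid_t euid, gid_t egid, int want)
{
    int bits;
    switch (select_class(euid, egid, file_uid, file_gid)) {
    case CLASS_OWNER: bits = (mode >> 6) & 7; break;
    case CLASS_GROUP: bits = (mode >> 3) & 7; break;
    default:          bits = mode & 7;        break;
    }
    return (bits & want) == want;   /* no fall-through to a later class */
}

int main(void)
{
    /* Constructed sample: a file with mode 0077, owner uid 1000, gid 100. */
    const mode_t mode = 0077;
    printf("owner reads:        %d\n", access_permitted(mode, 1000, 100, 1000, 100, WANT_R));
    printf("group member reads: %d\n", access_permitted(mode, 1000, 100, 2000, 100, WANT_R));
    printf("anyone else reads:  %d\n", access_permitted(mode, 1000, 100, 2000, 200, WANT_R));
    return 0;
}
```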
The inode structure also contains an indication of the object's
setuid and setgid status,
together with a sticky bit having an
overloaded meaning (historically, setting the sticky bit on an executable
file requested that it not be swapped out of memory - requiring privilege
to set the bit).
On different variants of Unix/Linux the permission mode bits,
in combination,
have some obscure meanings:
- having execute access, but not read access,
to a directory still permits an attacker to 'guess' filenames therein,
- having the sticky bit set on a directory permits only the owner of
a file, therein, to remove or modify the file,
- having the setgid bit set on a directory means that files created in
the directory receive the group-id of the directory, and not of their
creator (owner).
A system administrator managing different operating systems
(Unix/Linux, macOS, many flavours of Windows)
needs to be aware of these subtle differences.
CITS2002 Systems Programming, Lecture 16, p9, 19th September 2023.