Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Basic Security question about directory path

from [John Earl] Network Security [Permanent Link]
Subject: Basic Security question about directory path
Date: Wed, 27 Jul 2005 18:12:21 -0700 

This seems like a very basic security question, and I _believe_ I
already know the answer, but I am in a debate with a large software
company about what is the correct security requirement for a path
prefix, so I'm looking for second opinions...

The question is this;  In a standard Unix (or POSIX really) setup, what
authority does a user require to traverse a directory path in order to
read a file from a subdirectory?

For example, if user "FRED" wishes to read file "myfile"
from location "/dir1/dir2/" (so that the full path name is
(/dir1/dir2/myfile"), should user "FRED" need just "x" access to the
root and "dir1" or should user FRED need "rx" access to the root and
"dir1".  The goal is both to read the contents of "myfile", but also to
give the user the lowest amount of authority necessary to complete the
task.

Any insight you have on this would be greatly appreciated.

Thank You,


jte


--
John Earl 
The PowerTech Group
Seattle, WA 
www.powertech.com 
 

 
This email message and any attachments are intended only for the use of
the intended recipients and may contain information that is privileged
and confidential. If you are not the intended recipient, any
dissemination, distribution, or copying is strictly prohibited. If you
received this email message in error, please immediately notify the
sender by replying to this email message, or by telephone, and delete
the message from your email system.
--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Basic Security question about directory path, John Earl <=
Previous by Date:  RE: Tor and Passwords, M. Shirk
Next by Date:  RE: vuln testing, Craig Wright
Previous by Thread:  RBLs for SPAM Control, Jeff McLaughlin
Next by Thread:  Nessus Tips, kalelme@cantv.net
Indexes:  [Date] [Thread] [Top] [All Lists]