jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Don't understand group permissions

From: Caffeine !
Subject: Re: [Jailkit-users] Don't understand group permissions
Date: Sat, 10 Jan 2015 09:44:16 -0500
You're right.   I had to add robber to the system /etc/group's www-data and then group permissions worked.

I thought the jail's group permissions were controled by <jail>/etc/group, but they're not.  They're controlled by /etc/group.

Thank you!








On Fri, Jan 9, 2015 at 2:45 AM, Olivier Sessink <address@hidden> wrote:
On 01/08/2015 07:22 AM, Caffeine ! wrote:
On my system, /etc/group:
www-data:x:33:p
robber:x:1003:

In the jail:
robber:x:1003:
www-data:x:33:p,robber

I don't understand this:

$ whoami
robber

$ ll
total 4.0K
drwxrwxr-- 3 www-data www-data 4.0K Jan  4 16:08 2015/

$ cd 2015/
bash: cd: 2015/: Permission denied

So, despite the fact that user robber is part of group 33, www-data, he still can't cd into 2015/, even though that directory has group permissions of rwx!

The only way robber can access 2015 is if I use my root account and change the permissions of that directory to rwxrwxrwx.

This is even stranger:

$ ls 2015/
ls: cannot access 2015/01: Permission denied
01

The directory structure is 2015/01/, and when I try to list 2015/ it tells me "permission denied" and then goes ahead and lists the directory.

Why are group permissions seemingly ignored?

 what does the real /etc/group say?
it might be very well that <jail>/etc/group is not used.

Olivier

-- 
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/

_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users


reply via email to
[Prev in Thread] Current Thread [Next in Thread]