Solved

Unix - Permission issue

Posted on 2013-06-05
Last Modified: 2013-06-24
I was able to log in as a regular user and was able to cd to this directory. How is that possible?

How does it understand 2345? Based on the permissions below, we only have r/w access for owner 2345, and Unix is not able to see who 2345 is. Can someone advise?

$ ls -ld .
drwx------ 3 2345 dev 8192 Jun  5 10:09 .
$
$
$ pwd
/data/app/dev/tech

$ df -h .
Filesystem            Size  Used Avail Use% Mounted on
NAS device:/vol/tech
                      8.0G  2.1G  6.0G  26% /data/app/dev/tech
Question by:ittechlab
5 Comments
 
LVL 20

Assisted Solution

by:carlmd
carlmd earned 215 total points
ID: 39223211
What you are showing is the permissions on a directory that appears to be a subdirectory. What are the permissions of the directory above it, and the files in it?

To confirm, you logged in as a user other than 2345?

Author Comment

by:ittechlab
ID: 39223458
Yes. I am logged in as a user which has a different uid.

How am I able to cd to the directory when I am not the owner of this directory?

Author Comment

by:ittechlab
ID: 39223615
When I mount an NFS file system, how do the permissions work? Can you please explain it to me in detail?
LVL 20

Expert Comment

by:carlmd
ID: 39223778
So the directory you are talking about is NFS mounted from a Windows (or what type) system?
LVL 26

Accepted Solution

by:skullnobrains
skullnobrains earned 215 total points
ID: 39228944
the read permission will let you list the files INSIDE the directory
the execute permission will let you access the contained file's metainfo

so basically, unless your shell does some extra checks, there is no reason why you could not cd to a directory even though you are not allowed to read its contents. you should rather have a look at the permissions on the parent directory if you wonder about that

---

2345 is a uid on a remote system (could also be a deleted local user). unix systems will handle access rights based on uids. if the uid is not mapped to a name, it only changes the display of ls and the like, but the permissions work the same. you may or may not be able to set permissions for a non-existent user, but they will work properly regardless.

---

when you mount an nfs volume with no specific options, nfs passes uids verbatim, and the remote system handles them like local ones. if user 1005 is "max" on the client side and "bob" on the server side, max will actually have the same access rights on the server as bob would have if he logged on to the server.

various mount options can change this behavior: nfs supports mapping specific users to other users, mapping everybody to a specific user, adding acls based on client ip... most distributions will set up nfs shares with a default root_squash option that changes uid 0 to guest so you cannot have root access.

when you set up nfs, you need to make sure that either you map users to dedicated accounts, or you keep the uids in sync on all machines
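
The uid sync check recommended in the accepted answer, as an added example that is not part of the original thread: it compares a client and a server passwd file and reports every uid whose account name differs or exists on one side only. The function names, file names and sample accounts are assumptions; only the 1005 max/bob pair and the bare uid 2345 come from the thread (the name appsvc is invented).

```sh
#!/bin/sh
# Added example: report uid drift between an NFS client and an NFS server.
# With uids passed verbatim, a uid that names different people on the two
# machines gives one of them the other's access rights on the share.

# uid_drift CLIENT_PASSWD SERVER_PASSWD
# Output, sorted by uid: "<uid> <status> <client-name> <server-name>"
uid_drift() {
    awk -F: '
        /^#/ || NF < 3 { next }                       # skip comments, short lines
        FILENAME == ARGV[1] { client[$3] = $1; next } # first file is the client
        { server[$3] = $1 }
        END {
            for (u in client) {
                if (!(u in server)) {
                    printf "%s client-only %s -\n", u, client[u]
                } else if (client[u] != server[u]) {
                    printf "%s mismatch %s %s\n", u, client[u], server[u]
                }
            }
            for (u in server) {
                if (!(u in client)) {
                    # the client shows such owners as a bare number in ls
                    printf "%s server-only - %s\n", u, server[u]
                }
            }
        }' "$1" "$2" | sort -n
}

# demo: run uid_drift on two constructed passwd files (sample data, not real).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/sh' \
        'max:x:1005:100::/home/max:/bin/sh' \
        'alice:x:1006:100::/home/alice:/bin/sh' \
        'carol:x:1010:100::/home/carol:/bin/sh' > "$d/client.passwd"
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/sh' \
        'bob:x:1005:100::/home/bob:/bin/sh' \
        'alice:x:1006:100::/home/alice:/bin/sh' \
        'appsvc:x:2345:200::/srv/app:/bin/false' > "$d/server.passwd"
    uid_drift "$d/client.passwd" "$d/server.passwd"
    rm -rf "$d"
}

demo
```

On real machines the two input files can be the saved output of `getent passwd` from each side, which also covers accounts that come from a directory service rather than /etc/passwd.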