linux
whoLenin, 2018-05-08 20:20:25

How to access a file in a user folder inside root in Ubuntu?

There are shell scripts and configs for them that should be executed by cron, but should not be visible to the user on whose behalf they will be executed - at least he should not stumble upon them while walking around the file system.
This is necessary so that a potential attacker, having gained access to the system on behalf of the user, could not steal passwords from configs that go to shell scripts.
Let the files be:
/root/.crons/user_folder/user_script.sh
/root/.crons/user_folder/config.sh

Let the user be dummy.
At the same time, /root and /root/.crons are owned by root:root.
And user_folder, user_script.sh and config.sh are owned by the user/group dummy:dummy, and for the sake of simplicity, I've set them all to 777 for the time being.
It is assumed that the cron will be executed as root, but on behalf of the user:
* * * * * dummy /root/.crons/user_folder/user_script
Before installing such a cron job, I try to run the script as dummy - Permissions denied.
I try to just read the file with cat - Permissions denied.
I try to view the contents of the user_folder folder - Permissions denied.
It seemed to me that if my, as a user, folder and files are inside someone else's, then I can still have access to them.
Perhaps it is not. If yes, why?
How can I solve the problem of hiding my folder inside the root folder (or another user's)?
How can the problem be solved differently?


3 answer(s)
jcmvbkbc, 2018-05-08
@whoLenin

It seemed to me that if my, as a user, folder and files are inside someone else's, then I can still have access to them.
Perhaps it is not. If yes, why?

This is not true. In order to have any access to a file, you need to have 'x' access to every directory in the path to that file. I.e., to access the file /root/.crons/whatever you need to have 'x' on /root and 'x' on /root/.crons.

CityCat4, 2018-05-08
@CityCat4

Don't touch root's home directory!
Root's home directory must be 0700 root:root and no dog must rummage through it! Likewise, users (if there are several) with normal rights should not go into each other's home directories! This is everyone's "personal space".
Passwords in configs are very bad. This is permissible only when it is impossible in any other way, and then in that case I write a script that trivially encodes and decodes the password. For a common script, in this case, a folder is allocated, for example, in /usr/share, where you can make a couple more levels for show with meaningless names :), and inside it you can already do what you need.
To open a file even for reading, the user must have read rights to the directories of all path elements. That is, if your file is in /usr/share/systemscripts/default/usersettings/zhopa/zhopa.txt, then all six path elements must have read permissions.
man getfacl, man setfacl

Alexander Komarchuk, 2018-07-02
@AlexanderKomarchouk

Hello.
Colleagues have already told you that you don't need to do anything like that, because security is violated. But if you really need it, after thinking ten times, you can do what you want.
In 1999, a similar problem also arose. It was necessary to do "something", but ordinary users did not have to know some information that is available only to root.
You can use Unix/Linux operating system features, setuid is "set user ID at run time".
Create a test program, let's call it startuid.c:

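// startuid.c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/wait.h>

int main(void)
{
    pid_t child_pid;

    /* On a root-owned binary with the setuid bit set, the effective UID is 0
       while the real UID stays that of the user who started the program. */
    printf("Real UID\t= %d\n", (int)getuid());
    printf("Effective UID\t= %d\n", (int)geteuid());
    printf("Real GID\t= %d\n", (int)getgid());
    printf("Effective GID\t= %d\n", (int)getegid());

    if ((child_pid = fork()) < 0)
    {
        perror("fork failure");
        exit(1);
    }

    if (child_pid == 0)
    {
        /* Child: replace the process image with "ls -l /root". */
        execl("/bin/ls", "ls", "-l", "/root", (char *)0);
        perror("execl() failure");
        _exit(1);
    }

    /* Parent: wait for the child so it is reaped before we return. */
    if (waitpid(child_pid, NULL, 0) < 0)
    {
        perror("waitpid failure");
        exit(1);
    }
    return EXIT_SUCCESS;
}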

Compile startuid.c and copy the result to the home directory of a normal user, such as alex, who will have to execute the command you need with uid=0(root).
[Unix]# ls -l
-rwxr-xr-x 1 root root 7348 Jul  2 18:19 startuid

Use chmod to set the setuid attribute:
[Unix]# chmod u+s startuid
[Unix]# ls -l
-rwsr-xr-x 1 root root 7348 Jul  2 18:19 startuid

Before setting the setuid attribute, running startuid as user alex and doing "ls -l /root" (listing root's home directory) gave a "Permission denied" error. After setting the setuid attribute and running startuid, you get a list of files in the root user's directory.
Of course, running "ls -l /root" is just an example, instead you can write the command that you need to execute as a normal user from root.
In addition, you may find it useful to read about the sticky bit. Good luck, and be careful.
