Marc Lehmann writes:
> Maybe it helps when you realise thta chown can also modify a file... Only root can do that. In any case, I was ceeding the point that it is essentially the same thing. > You yourself mentioned some - in any case, does this lead somewhere? I was just curious if there were some that I didn't know about. >> In both cases the permissions on the file itself are wrong, > > You keep making this false claim, but that doesn't lend it more > credence. POSIX permissions work the way they work, and if you think some > combination of permissions are wrong, what are the rules to determine > right and wrong and what is your source for this repeated statement? Simple... right doesn't allow access to the people you don't want to have it. Wrong permissions do allow access to those you don't intend to have it. Working around that by other means ( to deny access to the entire filesystem ) does not change the fact that the permissions on the file are not configured correctly to carry out your intent. >> >> The permissions allow access that you do not wish it to. Ipso facto, >> the permissions are incorrect. > > Ah, maybe I see where you are copming from - gparted changes effective > permissions, so they are wrong. No, I didn't say anything about gparted. When gparted mounts it somewhere that isn't traverse proof, yes, that does allow access where it was not previously, but that's really only exposing the underlying bug that was always there: that the permissions on the files are too loose. If you are running an unpatched kernel that is vulnerable to a remote exploit and aren't connected to the network, then you don't have to worry about it, but if I plug in an Ethernet cable, it doesn't mean that the breach of security is my fault.
