Re: NMO not setuid-root (Unix-only)

Yong Huang wrote:
> wizofoz2k_at_yahoo.com.au (Noons) wrote:

>>"Howard J. Rogers" <hjr_at_dizwell.com> wrote:
>>>>RemoteOperationException: ERROR: NMO not setuid-root (Unix-only)
>>>>
>>>>Any suggestions? [...]
>>
>>Someone forgot the good old chmod 4777 on executable "oracle"?

In general, a file can be removed if the directory it is in allows you to write in the directory, regardless of the file's permissions. If you have a directory with the sticky-bit set (eg /tmp - usually 1777 permission), then you can only remove the file if you own the file, or if you own the directory, or if you're root*.

But you're right - a SUID anything program with public write permissions is a security disaster; and group should seldom have write permission, either. In fact, when it comes down to it, the owner doesn't really need write permission -- the owner can always fix the permissions immediately before modifying it. So, 4511 or 4555 is a more sensible set of permissions; 4755 would be wholly orthodox; anything more permissive is a bad idea.

-- 
Jonathan Leffler                   #include <disclaimer.h>
Email: jleffler_at_earthlink.net, jleffler_at_us.ibm.com
Guardian of DBD::Informix v2003.04 -- http://dbi.perl.org/

* Quote from POSIX 1003.1 2004, Base Definitions:

4.2 Directory Protection

If a directory is writable and the mode bit S_ISVTX is set on the 
directory, a process may remove or rename files within that directory 
only if one or more of the following is true:
     * The effective user ID of the process is the same as that
       of the owner ID of the file.
     * The effective user ID of the process is the same as that
       of the owner ID of the directory.
     * The process has appropriate privileges.
If the S_ISVTX bit is set on a non-directory file, the behavior is 
unspecified.

'Appropriate privileges' is POSIX-speak for 'root privileges', roughly 
speaking.