Hi,
I came across this issue today and it changes everything I know about file permissions in Linux.
I created the following files in my system:
/tmp> ls -lad /tmp/testperm/
drwx------ 2 sagi users 4096 Apr 12 20:23 /tmp/testperm/
/tmp> ls -lad /tmp/testperm/file.txt
-rw------- 1 sagi users 12 Apr 12 20:23 /tmp/testperm/file.txt
As you can see, the owner of the file is myself and the file permissions are 600.
Which, as I know it, means that user sagi can read/write,
and because the other file permissions are set to 0, just the owner of the file can read/write from/to it.
One more thing: as you can see, I also set that only the owner of the directory (which is me again) can read and cd (the execute bit) into the directory.
My question is: how come user ‘root’ can read the content of the file?
# id
uid=0(root) gid=0(root) groups=0(root)
# cat /tmp/testperm/file.txt
Hello world
/tmp is part of my root filesystem, which is formatted as ext4 and mounted with the following parameters:
/dev/sda3 on / type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered)
I’m running:
openSUSE 11.4 (x86_64)
VERSION = 11.4
CODENAME = Celadon
And if we put the sarcasm aside, what will be the answer?
On 04/12/2011 01:06 PM, sagiben wrote:
>
> Hi,
>
> I came across this issue today and it changes everything I know about
> file permissions in linux.
>
> I created the following files in my system :
>
> Code:
> --------------------
>
> /tmp> ls -lad /tmp/testperm/
> drwx------ 2 sagi users 4096 Apr 12 20:23 /tmp/testperm/
> /tmp> ls -lad /tmp/testperm/file.txt
> -rw------- 1 sagi users 12 Apr 12 20:23 /tmp/testperm/file.txt
>
> --------------------
>
>
> as you can see the owner of the file is myself and the file permissions
> are 600.
> Which as I know it, means that user sagi can read/write,
> and because the other file permission are set to 0, just the owner of
> the file can read/write from/to it.
>
> One more thing, as you can see I also set that only the owner of the
> directory (which is me again) can read and cd (the execute bit) to the
> directory.
>
> My question is : how come user ‘root’ can read the content of the file
Because root is the ‘superuser’ and can do anything. That is why running as root
is dangerous. A trivial command as root (which I will not list) can destroy an
entire file system very quickly.
It wasn’t sarcastic. This is the true answer. Someone has to be able to access all the files in the system. Under Linux and Unix, this is root. Can you imagine what could possibly happen if users were able to hide files from root? You can encrypt your files and root will not be able to read them, but he will still be able to delete them or remove your directories or even your user account.
In other words, the access rights you set on your files as user do not apply to root.
So now you know that your knowledge was incomplete.
Yes, my knowledge was incomplete …
but at least I learned something new today.
The thing is that I’m not a newbie; I have some experience as a user and as a developer on Linux,
but somehow I was always sure that even root can’t access a file whose permissions are set to 600.
On 2011-04-12 20:36, sagiben wrote:
>
> and if we’ll put aside the sarcasm, what will be the answer ?
That’s the answer.
Root can do (almost) anything.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
On 2011-04-12 21:06, sagiben wrote:
> but somehow I was always sure that even root can’t access file that his
> permission is set to 600.
I actually found a situation when root could not read a file from somebody
else - but he could change the permissions and read it. I don’t remember
the exact situation.
To me that was a big surprise, root should be able to read anything.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
This is a fundamental design principle of Unix/Linux, that the superuser has access to everything, for reasons of system maintenance, backup, etc.
If it is a network file, mounted from another system, that might happen. But if it is a local file, then root can read it.
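The rule the whole thread turns on, written out as an added worked example (this is not code from the thread, from openSUSE, or from the kernel): a small model of the Linux discretionary-access-control (DAC) check that `generic_permission()` applies on every open. Ordinary users are matched against the owner/group/other bits of the file and of every directory on the path; root is not special because of uid 0 as such, but because it holds CAP_DAC_OVERRIDE (bypasses read, write and directory search, and execute when at least one x bit is set) and CAP_DAC_READ_SEARCH (bypasses read and directory search only). The numeric ids for `sagi` and `users` (1000 and 100), the modes of `/` and `/tmp`, and the `squash_root()` mapping that stands in for an NFS server's `root_squash` option (the "network file" case mentioned above) are all assumptions made for the example. Running it reproduces the thread: sagi and root can read `file.txt`, another member of `users` cannot, and a root that has been squashed to an anonymous uid cannot either.

```python
"""Model of the Linux DAC permission check, including the root capability bypass.

Added example; uid/gid values and the root_squash model are assumptions, not thread data.
"""
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Inode:
    mode: int   # st_mode: file-type bits plus the rwx permission bits
    uid: int
    gid: int


@dataclass(frozen=True)
class Cred:
    uid: int
    gid: int
    groups: frozenset = frozenset()   # supplementary group ids
    caps: frozenset = frozenset()     # effective capabilities, e.g. {"CAP_DAC_OVERRIDE"}


R, W, X = 4, 2, 1   # requested access, same encoding as an rwx octal digit


def parse_ls_mode(text):
    """Turn an ls -l mode column such as '-rw-------' into an st_mode integer."""
    types = {"-": stat.S_IFREG, "d": stat.S_IFDIR, "l": stat.S_IFLNK}
    mode = types[text[0]]
    for i, ch in enumerate(text[1:10]):
        if ch in "rwxst":                    # lowercase s/t imply the x bit as well
            mode |= 1 << (8 - i)
        if ch in "sS" and i == 2:
            mode |= stat.S_ISUID
        if ch in "sS" and i == 5:
            mode |= stat.S_ISGID
        if ch in "tT" and i == 8:
            mode |= stat.S_ISVTX
    return mode


def dac_check(inode, cred, want):
    """True if cred may perform `want` (a mask of R/W/X) on inode, kernel-style."""
    perm = inode.mode & 0o777
    if cred.uid == inode.uid:                                 # owner class only
        bits = (perm >> 6) & 7
    elif cred.gid == inode.gid or inode.gid in cred.groups:   # group class only
        bits = (perm >> 3) & 7
    else:
        bits = perm & 7
    if want & ~bits == 0:                     # the mode bits themselves grant it
        return True
    is_dir = stat.S_ISDIR(inode.mode)
    # CAP_DAC_OVERRIDE: bypass everything, except executing a regular file that has no x bit
    if "CAP_DAC_OVERRIDE" in cred.caps and (not want & X or is_dir or perm & 0o111):
        return True
    # CAP_DAC_READ_SEARCH: bypass read on anything and search (x) on directories only
    if "CAP_DAC_READ_SEARCH" in cred.caps and not want & W and (not want & X or is_dir):
        return True
    return False


def path_check(fs, path, cred, want):
    """Walk the path: every directory needs x (search), the final entry needs `want`."""
    parts = [p for p in path.split("/") if p]
    chain, cur = ["/"], "/"
    for part in parts[:-1]:
        cur = "/" + part if cur == "/" else cur + "/" + part
        chain.append(cur)
    if not all(dac_check(fs[d], cred, X) for d in chain):
        return False
    return dac_check(fs[path], cred, want)


def squash_root(cred, anon_uid=65534, anon_gid=65534):
    """Simplified root_squash: root's requests arrive as an anonymous user with no capabilities."""
    if cred.uid == 0:
        return Cred(anon_uid, anon_gid)
    return cred


# Constructed filesystem mirroring the thread's listing (ids for sagi/users are assumed).
SAGI_UID, USERS_GID = 1000, 100
FILE = "/tmp/testperm/file.txt"
FS = {
    "/": Inode(parse_ls_mode("drwxr-xr-x"), 0, 0),
    "/tmp": Inode(parse_ls_mode("drwxrwxrwt"), 0, 0),
    "/tmp/testperm": Inode(parse_ls_mode("drwx------"), SAGI_UID, USERS_GID),
    FILE: Inode(parse_ls_mode("-rw-------"), SAGI_UID, USERS_GID),
}
SAGI = Cred(SAGI_UID, USERS_GID)
OTHER_USER = Cred(1001, USERS_GID)          # same group 'users', not the owner
ROOT = Cred(0, 0, caps=frozenset({"CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH"}))


def who_can_read(fs=FS, path=FILE):
    """Read access to the 600 file for each principal in the thread's scenario."""
    return {
        "sagi": path_check(fs, path, SAGI, R),
        "other user in group users": path_check(fs, path, OTHER_USER, R),
        "root (local ext4)": path_check(fs, path, ROOT, R),
        "root via root_squash mount": path_check(fs, path, squash_root(ROOT), R),
    }


if __name__ == "__main__":
    for who, allowed in who_can_read().items():
        print(f"{who:32s} read {FILE}: {'allowed' if allowed else 'denied'}")
```

The one asymmetry worth remembering from the model: CAP_DAC_OVERRIDE does not let root execute a regular file with mode 600 (`dac_check(FS[FILE], ROOT, X)` is false), but it does let root write to it, which is exactly the "root can change the permissions and then read it" observation further up the thread.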