Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Re: User assigned to privileged group
Operating Systems AIX Re: User assigned to privileged group Post 68591 by Just Ice on Tuesday 5th of April 2005 03:56:33 PM
Old 04-05-2005
if the user decides to make changes in a group-writable file and/or directory that is owned by GID 1, there is nothing you can do about it as the user is a valid member with valid rights ...

from a quick scan of my /etc/passwd files --- only root and daemon are members of the "other" group so anything that is group-writable by root with the default uid/gid is open to changes ... if root with gid 1 installs an application and the application directory stays with gid 1 and is group-writable, the gid 1 regular user can potentially remove the application without any checks ... if the application is security-related, the server is now easily compromised ...
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

User Group

I can't get a clear answer on this one... I have a Oracle user created in group 'dba' when this user touches a file the group displayed is 'sys' - why? The 'sys' group is not included in the list of secondary groups for this user. Is this standard to Oracle on Unix? (AIX) Anybody? (1 Reply)
Discussion started by: errolg
1 Replies

2. UNIX for Dummies Questions & Answers

user/group

Hi! Herez the scenario 1. logged in as user xxxx $ id uid=125(xxxx) gid=101(my_grp) groups=0(system),15(users),16(sysadmin),19(adm),110(appl) $ touch test $ ls -la test -rw-r--r-- 1 xxxx system 0 Mar 7 14:31 test Why is the group of the file test 'system' and not... (2 Replies)
Discussion started by: sdharmap
2 Replies

3. Solaris

what privileged accounts exist on solaris

Hi Buddys, We are using SUN-ONE LDAP and We need to define and implement a quarterly review of privileged accounts in the Unix environment.So, in the unix world, this would involve knowing what accounts are on each server, who has root access, what privileged accounts exist, who can sudo to... (0 Replies)
Discussion started by: bhupals
0 Replies

4. Shell Programming and Scripting

Find all files with group read OR group write OR user write permission

I need to find all the files that have group Read or Write permission or files that have user write permission. This is what I have so far: find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}' It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies

5. Solaris

Non-root user access to privileged ports-Solaris 8

Please let me know how to setup a non-root user to be able to access a privileged port (<1024) on Solaris 8. I am currently running tomcat as "tomcat" user and I get the following error during to start up: SEVERE: Error initializing endpoint java.net.BindException: Permission denied<null>:443 (5 Replies)
Discussion started by: pingmeback
5 Replies

6. Shell Programming and Scripting

user and its group

Hello, is there any command which can show a particular user "xyz" is belongs to how many groups thanks (3 Replies)
Discussion started by: lookinginfo
3 Replies

7. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

8. Shell Programming and Scripting

user without group

hi i have vert strange query.. can we add user in unix with out assigned it to any group i mean user which is having no default group or anything.. like this in /etc/passwd file new_user:::::::: Please help (2 Replies)
Discussion started by: aishsimplesweet
2 Replies

9. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies

10. UNIX for Beginners Questions & Answers

Privileged port

I have read in many articles that ports below 1024 are privileged ports. My question is if port 1024 is an privileged or a unprivileged port. Some say privileged and some unprivileged.. (1 Reply)
Discussion started by: lobsang
1 Replies

LEARN ABOUT NETBSD

groupadd

GROUPADD(8)						    BSD System Manager's Manual 					       GROUPADD(8)

NAME

     groupadd -- add a group to the system

SYNOPSIS

     groupadd [-ov] [-g gid] [-r lowgid..highgid] group

DESCRIPTION

     The groupadd utility adds a group to the system.  See group(8) for more information about EXTENSIONS.  The options are as follows:

     -g gid  Give the numeric group identifier to be used for the new group.

     -o      Allow the new group to have a gid which is already in use for another group.

     -r lowgid..highgid
	     Set the low and high bounds of a gid range for new groups.  A new group can only be created if there are gids which can be assigned
	     inside the range.	This option is included if built with EXTENSIONS.

     -v      Enable verbose mode - explain the commands as they are executed.  This option is included if built with EXTENSIONS.

EXIT STATUS

     The groupadd utility exits 0 on success, and >0 if an error occurs.

SEE ALSO

     group(5), group(8), user(8)

HISTORY

     The groupadd utility first appeared in NetBSD 1.5.  It is based on the addnerd package by the same author.

AUTHORS

     The groupadd utility was written by Alistair G. Crooks <agc@NetBSD.org>.

BSD
								 November 7, 2005							       BSD
All times are GMT -4. The time now is 07:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy