[ale] Permission hell question

Dow Hurst dhurst at kennesaw.edu
Wed Jun 30 16:19:03 EDT 2004


So under Linux it is the options in fstab that really make the difference. 
The kernel overlays the mount point permissions with the mounted filesystem 
and allows the user to read and write at will.  Nice tests!  Did you specify 
the user or users option in the fstab?
Dow


Geoffrey wrote:
> Stephan Uphoff wrote:
> 
>> The permissions of the covered mount point usually only come into play
>> when accessing ".." from the root of the mounted fs.
>>
>> This is true for Unix and BSD ... but I have never looked at this part 
>> of the Linux sources.
>>
>> As a normal user try to
>>     cd /mnt/memstick  #OK
>>     pwd               #Fails unless cached by shell
>>     ls ..             #Should fail
>>
>> with /mnt/memstick permission set to 700 and user root.
> 
> 
> I don't agree, note the following, all done as a normal user:
> 
> /home/esoteric> cd /mnt/memstick
> ksh: cd: /mnt/memstick - Permission denied
> 
> rhws/home/esoteric> ls -l /mnt/memstick
> ls: /mnt/memstick: Permission denied
> 
> rhws/home/esoteric> ls -ld /mnt/memstick
> drwx------    2 root     root         4096 May 12 13:59 /mnt/memstick
> 
> rhws/home/esoteric> cd /mnt/memstick
> ksh: cd: /mnt/memstick - Permission denied
> 
> rhws/home/esoteric> mount /mnt/memstick
> 
> rhws/home/esoteric> cd /mnt/memstick
> 
> rhws/mnt/memstick> pwd
> /mnt/memstick
> 
> rhws/mnt/memstick> ls ..
> cdrom  floppy  jump  memstick
> 
> So, I don't believe your point above is valid.
> 
>> It is not really necessary to have matching permissions - but the 
>> wrong set
>> of permissions can cause interesting problems in a production 
>> environment.
> 
> 
> If the mount options are correct, the permissions on the mount point do 
> not matter.  I set the perms on /mnt/memstick to 000 as root:
> 
> d---------    2 root     root         4096 May 12 13:59 /mnt/memstick
> 
> I can still mount the partition as a normal user.  When I do, the perms 
> are:
> 
> drwxr-xr-x    3 esoteric users       16384 Dec 31  1969 /mnt/memstick
> 

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************



More information about the Ale mailing list