[PLUG] migrating to new uid/gid

Elliott Mitchell ehem at m5p.com
Sat Nov 26 04:24:26 UTC 2005


>From: Vram <lamsokvr at xprt.net>
> On Fri, 2005-11-25 at 12:19 -0800, Galen Seitz wrote:
> > Russell Senior <seniorr at aracnet.com> wrote:
> > >   # find / -uid <uid>
> > > 
> > > etc?
> > 
> > That's really what I meant when I said recursive chown.  I'm just wondering
> > if the numeric uid/gid is hiding in any other files.
> 
> 
> In general users can only own files in 
> 
> /home/user
> /tmp/user
> 
> 
> Correct me if I am wrong...

Dead wrong. At a minimum add /var/mail and /var/tmp. Fairly often there
is /usr/tmp and /usr/local/tmp (fairly often linked to another tmp and
rarely used, but folks can create files there). In the general case using
`find` is highly recommended in order to guarantee you capture any extra
files.


>From: AthlonRob <athlonrob at axpr.net>
> Galen Seitz wrote:
> > I've got write permission to /usr/local.
> 
> Why would you do that?

Because it is handy. Things directly under /usr are generally considered
more secure than /usr/local. As /usr/local tends to be left out of $PATH
for SUID programs, the hazard from allowing it is not too large (doesn't
mean I do so though).


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         EHeM at gremlin.m5p.com PGP 8881EF59         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
    \___\_|_/82 04 A1 3C C7 B1 37 2A*E3 6E 84 DA 97 4C 40 E6\_|_/___/
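
The `find`-based pass recommended above, as an added example that is not part of the original message. The function names are hypothetical, and it goes beyond the thread by also matching the gid and by recording setuid/setgid files before ownership changes:

```shell
#!/bin/sh
# Added example: inventory, then re-own, everything held by a numeric uid/gid.
# All function names here are hypothetical, not from the thread.

# List every path under ROOT owned by OLD_UID or belonging to OLD_GID.
# -xdev keeps find on one filesystem, so run it once per local mount
# (/, /home, /var, ...) and skip network mounts deliberately.
owned_paths() {
    root=$1; old_uid=$2; old_gid=$3
    find "$root" -xdev \( -uid "$old_uid" -o -gid "$old_gid" \) -print 2>/dev/null
}

# Number of matching paths; compare before and after the migration.
count_owned() {
    owned_paths "$@" | wc -l | tr -d ' '
}

# Regular files owned by OLD_UID that carry setuid or setgid bits.
# chown may clear these bits (Linux does), so record them first and
# decide afterwards which ones should get them back.
special_mode_paths() {
    root=$1; old_uid=$2
    find "$root" -xdev -uid "$old_uid" -type f \
        \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Re-own by uid and by gid in separate passes, so a file that matches only
# one of them keeps its other id. -h changes a symlink itself, never its target.
migrate_ids() {
    root=$1; old_uid=$2; new_uid=$3; old_gid=$4; new_gid=$5
    find "$root" -xdev -uid "$old_uid" -exec chown -h "$new_uid" {} +
    find "$root" -xdev -gid "$old_gid" -exec chgrp -h "$new_gid" {} +
}

# Typical order, as root (ids below are constructed sample values):
#   owned_paths / 1001 1001 > /root/owned-before.txt
#   special_mode_paths / 1001 > /root/suid-before.txt
#   migrate_ids / 1001 2001 1001 2001
#   count_owned / 1001 1001      # should now be 0 on this filesystem
```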