[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug in sed
Re: Bug in sed
Tue, 28 Dec 2010 09:55:46 -0700
Rasmus Olsen wrote:
> I have found that sed does not respect the write file permissions.
Thank you for the report. But file permissions are the responsibility
of the operating system. Security cannot exist in the user space or
it can also be easily bypassed and be completely ineffective.
Security can only exist in the operating system.
> It is possible to change any file with sed -i as long as the user
> has write permission to the directory and read permission to the
Yes. That is the way Unix filesystem permissions work. It is the
directory containing the file that controls whether the user can
modify the files in the directory. If you want to prevent a file from
being modified then in addition to the write permission on the file
you also need to restrict the write permission to the directory
containing it. Also, having write permission to a directory means
that files within can be removed.
> Steps to reproduce the bug.
Thank you for the small test case.
> echo "hello world" > file
> chmod a=r file
> sed -i s/hello/my/ file
This is exactly the same as if you did these steps.
echo "hello world" > file
chmod a=r file
cp file file.new
chmod u+rw file.new
date -R > file.new
chmod a=r file.new
mv -f file.new file
As you can see in the file was changed in the above without any use of sed.