Re: Bug in sed

From: Bob Proulx
Subject: Re: Bug in sed
Date: Tue, 28 Dec 2010 09:55:46 -0700
User-agent: Mutt/1.5.20 (2009-06-14)

Rasmus Olsen wrote:
> I have found that sed does not respect the write file permissions.

Thank you for the report.  But file permissions are the responsibility
of the operating system.  Security cannot exist in the user space or
it can also be easily bypassed and be completely ineffective.
Security can only exist in the operating system.

> It is possible to change any file with sed -i as long as the user
> has write permission to the directory and read permission to the
> file.

Yes.  That is the way Unix filesystem permissions work.  It is the
directory containing the file that controls whether the user can
modify the files in the directory.  If you want to prevent a file from
being modified then in addition to the write permission on the file
you also need to restrict the write permission to the directory
containing it.  Also, having write permission to a directory means
that files within can be removed.

> Steps to reproduce the bug.

Thank you for the small test case.

> echo "hello world" > file
> chmod a=r file
> sed -i s/hello/my/ file

This is exactly the same as if you did these steps.

  echo "hello world" > file
  chmod a=r file
  cp file file.new
  chmod u+rw file.new
  date -R > file.new
  chmod a=r file.new
  mv -f file.new file

As you can see, the file was changed in the above without any use of sed.
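
The replace-by-rename sequence from the message above, as an added example that is not part of the original post: it shows that the read-only file ends up as a different inode, and that removing write permission from the directory is what stops the replacement. The function names and the scratch directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: scratch files in a temp dir; all names are constructed.

inode_of() { ls -i "$1" | awk '{print $1}'; }

# Replace "$1" as in the message: write a new file beside it, then rename
# it over the original. Only directory write permission is needed; the
# write bit of the original file is never consulted.
replace_by_rename() {
    cp "$1" "$1.new" 2>/dev/null || return 1
    chmod u+rw "$1.new"
    printf '%s\n' "$2" > "$1.new"
    chmod a=r "$1.new"
    mv -f "$1.new" "$1" 2>/dev/null
}

# Prints "inode-changed|content|locked-dir-result|final-content".
demo() {
    d=$(mktemp -d) || return 1
    echo "hello world" > "$d/file"
    chmod a=r "$d/file"
    before=$(inode_of "$d/file")

    replace_by_rename "$d/file" "my world"
    after=$(inode_of "$d/file")
    content=$(cat "$d/file")
    [ "$before" != "$after" ] && changed=yes || changed=no

    # Remove write permission from the directory, as the reply advises.
    chmod a-w "$d"
    if replace_by_rename "$d/file" "again"; then
        locked=replaced   # expected only for root, which bypasses mode bits
    else
        locked=refused
    fi
    final=$(cat "$d/file")

    chmod u+w "$d"; rm -rf "$d"
    printf '%s|%s|%s|%s\n' "$changed" "$content" "$locked" "$final"
}

demo
```

An unprivileged run prints `yes|my world|refused|my world`.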
