[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] Students can access Principal's files!



Not knowing what distribution you're using or your level of system 
administration skills.....

Before you start doing anything destructive, like killing processes....

 - Are you sure that you are looking at the permissions on the actual files?  
When you check the permissions, are you checking an NFS-mount version, or the 
files on the server?

 - What permissions do the files have when NIS/NFS isn't running?
You may have to boot into single user mode to check this.

 - Do you have ++ at the end of your netgroups file?  This would trust 
everybody for everything.  

Run, don't walk, to your local bookstore, and get the appropriate O-Reilly 
book.  In this case, that would be "Managing NFS and NIS".

I'd bet on NIS being the culprit, especially if automounter is running. It 
would remount with its documented permissions whenever a file/directory is 
requested., assuming that it wasn't still open from a previous access.  If 
that is happening, changing file permissions won't help a bit.

On Wednesday 01 May 2002 08:57 am, Robert Maynord wrote:
> Dear Seul Folks:
>
> I have close to 70 machines running on our school network now - almost
> all Linux.  Students log in with NIS, and load their HOME directories
>  with NFS.  The server is running Mandrake 8.0. All works fine, except
> for one problem:  the server won't let me change permissions on the HOME
> directories, and they are set to 755.  This means that all the students
> can access the principal's HOME directory for viewing.  They can also
> view each other's directories.  When I try to change permissions on the
> HOME directories to 700 (as root) they stay changed for about 15
> minutes, and then change back!!!!
>
> I have tried disabling msec and it made no difference.  I have also
> disabled cron - but no luck.  Something is auto-changing the permissions.
>
> I have been looking for 2 weeks, but no luck.  Does anyone have a clue
> as to what might be auto-setting my HOME directory permissions?
>
>
> Thanks!
>
> Robert Maynord