How it can be??

[vuliad]

Am i right understand - if we set chmod 666 on file, any user can access it?

[root@server /etc/mail]# ls -alh aliases*
-rw-r--r--  1 root  wheel    24K Nov 19 14:04 aliases
-rw-rw-rw-  1 root  wheel    48K Nov 18 13:16 aliases.db

from root it accessible ok. BUT

[cmd=]sudo -u otheruser cat /etc/mail/aliases[/cmd]

gives access denied.

If I login with otheruser

[otheruser@server /] cd /etc/
-bash: cd: /etc/: Permission denied

then

[otheruser@server ~]$ ls -al | grep etc
drwxr-x--x   2 1000  1002  3584 Oct 22 13:12 etc

BUT at the same time! from root

[root@server /]# ls -al | grep etc
drw-r--r--  36 root  wheel        1024 Nov 19 14:17 etc

Why it's differ? how can I enable this folder and file. and why chmod can't do anything?
help)

 

[jalla]

Am i right understand - if we set chmod 666 on file, any user can access it?

No, the user must have access to all components of the path. i.e to access /path/to/file the user must have read/execute permissions on /path and /path/to as well

[root@server /etc/mail]# ls -alh aliases*
-rw-r--r-- 1 root wheel 24K Nov 19 14:04 aliases
-rw-rw-rw- 1 root wheel 48K Nov 18 13:16 aliases.db

from root it accessible ok. BUT
sudo -u otheruser cat /etc/mail/aliases
gives access denied.

As per above, check permissions on /etc and /etc/mail

if i login with otheruser
[otheruser@server /] cd /etc/
-bash: cd: /etc/: Permission denied

Permissions on /etc is messed up

then
[otheruser@server ~]$ ls -al | grep etc
drwxr-x--x 2 1000 1002 3584 Oct 22 13:12 etc

This is not /etc, it's a dir called etc in the users homedir (~otheruser/etc)

BUT at the same time!! from root

[root@server /]# ls -al | grep etc
drw-r--r-- 36 root wheel 1024 Nov 19 14:17 etc

Yeah, there it is, you have changed mode on /etc to 744. Set it back to 755.
(And generally, never change the mode of system directories)

 

[SirDice]

While you're at it change the permissions on aliases.db too. Others should NOT have write permissions there.

# chmod 644 /etc/mail/aliases.db