View previous topic :: View next topic |
Author |
Message |
Jerichoo n00b
Joined: 02 Apr 2008 Posts: 63 Location: Turkey
|
Posted: Wed May 15, 2013 3:19 pm Post subject: How can i list the existing groups???[SOLVED] |
|
|
Hello everyone,
I am sure the title is not clear but couldn't find better title than that anyway my question is that i wanna list all the groups in my linux machine.Like when we creating new user we are registering this user to some groups like wheel,audio,floppy etc.i wanna see all the available groups.
plus every time i install a program can i see if the program created a new group?
Last edited by Jerichoo on Sat May 18, 2013 8:10 am; edited 2 times in total |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Wed May 15, 2013 3:21 pm Post subject: |
|
|
my users groups =
mkultra@mksrv ~ $ groups
wheel audio video games kvm users plugdev mkultra
to list all groups available
cat /etc/group |
|
Back to top |
|
|
John R. Graham Administrator
Joined: 08 Mar 2005 Posts: 10589 Location: Somewhere over Atlanta, Georgia
|
Posted: Wed May 15, 2013 3:24 pm Post subject: |
|
|
Correct. Slightly more fancy, Code: | awk -F':' '{ print $1 }' /etc/group | shows just the groups without the other information the file contains.
- John _________________ I can confirm that I have received between 0 and 499 National Security Letters. |
|
Back to top |
|
|
Jerichoo n00b
Joined: 02 Apr 2008 Posts: 63 Location: Turkey
|
Posted: Wed May 15, 2013 4:36 pm Post subject: |
|
|
what is the difference between root and a user who has all the groups available? |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Wed May 15, 2013 4:45 pm Post subject: |
|
|
ls -al shows file permissions, users, and groups associated... there are 3 blocks of permissions. 1 user 2 groups 3 others.... rwx rx rx = groups cannot write files. rwx rx --- = the user can read write execute group can read execute everyone else who is not the user or group member cannot do anything. its a REALLY loaded question.
this is as i understand it... not necessarily the end all answer
so a root root rwx rx --- file would not be writable as a user in the root group, where the root user would have power to write to that file.
its in the cluster of commands involving chown, chgrp, chmod... permission management, security lock down of your systems files. |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Wed May 15, 2013 5:56 pm Post subject: |
|
|
Jerichoo wrote: | what is the difference between root and a user who has all the groups available? |
Quite a lot of (sometimes badly written) programs will behave differently based solely on whether or not they're run under userid 0. You don't even need to be in particular groups to do root-level damage as a normal user, file capabilities can grant all root privileges to any user running a given program. |
|
Back to top |
|
|
Jerichoo n00b
Joined: 02 Apr 2008 Posts: 63 Location: Turkey
|
Posted: Thu May 16, 2013 4:28 pm Post subject: |
|
|
The last question
do you think that is it vulnerability making a user member of the all available groups without changing any file permissions for daily use?. |
|
Back to top |
|
|
mv Watchman
Joined: 20 Apr 2005 Posts: 6747
|
Posted: Thu May 16, 2013 7:33 pm Post subject: |
|
|
Jerichoo wrote: | do you think that is it vulnerability making a user member of the all available groups |
Yes. From the security viewpoint it is practically equivalent of running under root: If e.g. a vulnerability in your browser is exploited, any data can be changed; in particular, the attacker will get a rootkit installed in the same manner as if you were root - he does not need a privilege escalation bug to achieve this, since your configuration is that bug |
|
Back to top |
|
|
Jerichoo n00b
Joined: 02 Apr 2008 Posts: 63 Location: Turkey
|
Posted: Sat May 18, 2013 8:11 am Post subject: |
|
|
thank you all |
|
Back to top |
|
|
papahuhn l33t
Joined: 06 Sep 2004 Posts: 626
|
Posted: Sat May 18, 2013 9:14 am Post subject: |
|
|
mv wrote: | Yes. From the security viewpoint it is practically equivalent of running under root: If e.g. a vulnerability in your browser is exploited, any data can be changed; in particular, the attacker will get a rootkit installed in the same manner as if you were root - he does not need a privilege escalation bug to achieve this, since your configuration is that bug |
Well, it's not THAT bad (but I still wouldn't do it). All files under /bin, /sbin/, /lib are only writeable by uid=root. Moreover, with gid=root but uid!=root, one does not have special privileges by oneself (seteuid, setegid, ...); gid=root is not a special group like uid=root is a special user. _________________ Death by snoo-snoo! |
|
Back to top |
|
|
mv Watchman
Joined: 20 Apr 2005 Posts: 6747
|
Posted: Sat May 18, 2013 2:02 pm Post subject: |
|
|
papahuhn wrote: | Well, it's not THAT bad (but I still wouldn't do it). All files under /bin, /sbin/, /lib are only writeable by uid=root. |
You can just write on the disk by /dev/sd* and thus change anything which you want. If you do not want to install a full rootkit in this way: You only need to save your install program and make it suid root by writing to /dev/sd*, and you can install your rootkit with full root privileges. There are probably also many other possibilities to become root if you belong to all groups: Also do not forget that you have full access to the whole memory (at least readonly), to all tty's, to the printer daemon (which has also a part running as root) etc. If you use a broken design concept like polkit (with a root daemon running), it is probably also easy to obtain root privileges in this way. |
|
Back to top |
|
|
papahuhn l33t
Joined: 06 Sep 2004 Posts: 626
|
Posted: Sat May 18, 2013 3:15 pm Post subject: |
|
|
You're right, the disk-group weighs pretty heavy here. _________________ Death by snoo-snoo! |
|
Back to top |
|
|
|