Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
How can i list the existing groups???[SOLVED]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Jerichoo
n00b
n00b


Joined: 02 Apr 2008
Posts: 63
Location: Turkey

PostPosted: Wed May 15, 2013 3:19 pm    Post subject: How can i list the existing groups???[SOLVED] Reply with quote

Hello everyone,
I am sure the title is not clear but couldn't find better title than that anyway my question is that i wanna list all the groups in my linux machine.Like when we creating new user we are registering this user to some groups like wheel,audio,floppy etc.i wanna see all the available groups.

plus every time i install a program can i see if the program created a new group?


Last edited by Jerichoo on Sat May 18, 2013 8:10 am; edited 2 times in total
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1248
Location: 42.68n 85.41w

PostPosted: Wed May 15, 2013 3:21 pm    Post subject: Reply with quote

my users groups =

mkultra@mksrv ~ $ groups
wheel audio video games kvm users plugdev mkultra

to list all groups available

cat /etc/group
Back to top
View user's profile Send private message
John R. Graham
Administrator
Administrator


Joined: 08 Mar 2005
Posts: 10587
Location: Somewhere over Atlanta, Georgia

PostPosted: Wed May 15, 2013 3:24 pm    Post subject: Reply with quote

Correct. Slightly more fancy,
Code:
awk -F':' '{ print $1 }' /etc/group
shows just the groups without the other information the file contains.

- John
_________________
I can confirm that I have received between 0 and 499 National Security Letters.
Back to top
View user's profile Send private message
Jerichoo
n00b
n00b


Joined: 02 Apr 2008
Posts: 63
Location: Turkey

PostPosted: Wed May 15, 2013 4:36 pm    Post subject: Reply with quote

what is the difference between root and a user who has all the groups available?
Back to top
View user's profile Send private message
666threesixes666
Veteran
Veteran


Joined: 31 May 2011
Posts: 1248
Location: 42.68n 85.41w

PostPosted: Wed May 15, 2013 4:45 pm    Post subject: Reply with quote

ls -al shows file permissions, users, and groups associated... there are 3 blocks of permissions. 1 user 2 groups 3 others.... rwx rx rx = groups cannot write files. rwx rx --- = the user can read write execute group can read execute everyone else who is not the user or group member cannot do anything. its a REALLY loaded question.

this is as i understand it... not necessarily the end all answer

so a root root rwx rx --- file would not be writable as a user in the root group, where the root user would have power to write to that file.

its in the cluster of commands involving chown, chgrp, chmod... permission management, security lock down of your systems files.
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920

PostPosted: Wed May 15, 2013 5:56 pm    Post subject: Reply with quote

Jerichoo wrote:
what is the difference between root and a user who has all the groups available?

Quite a lot of (sometimes badly written) programs will behave differently based solely on whether or not they're run under userid 0. You don't even need to be in particular groups to do root-level damage as a normal user, file capabilities can grant all root privileges to any user running a given program.
Back to top
View user's profile Send private message
Jerichoo
n00b
n00b


Joined: 02 Apr 2008
Posts: 63
Location: Turkey

PostPosted: Thu May 16, 2013 4:28 pm    Post subject: Reply with quote

The last question
do you think that is it vulnerability making a user member of the all available groups without changing any file permissions for daily use?.
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6747

PostPosted: Thu May 16, 2013 7:33 pm    Post subject: Reply with quote

Jerichoo wrote:
do you think that is it vulnerability making a user member of the all available groups

Yes. From the security viewpoint it is practically equivalent of running under root: If e.g. a vulnerability in your browser is exploited, any data can be changed; in particular, the attacker will get a rootkit installed in the same manner as if you were root - he does not need a privilege escalation bug to achieve this, since your configuration is that bug :wink:
Back to top
View user's profile Send private message
Jerichoo
n00b
n00b


Joined: 02 Apr 2008
Posts: 63
Location: Turkey

PostPosted: Sat May 18, 2013 8:11 am    Post subject: Reply with quote

thank you all :D
Back to top
View user's profile Send private message
papahuhn
l33t
l33t


Joined: 06 Sep 2004
Posts: 626

PostPosted: Sat May 18, 2013 9:14 am    Post subject: Reply with quote

mv wrote:
Yes. From the security viewpoint it is practically equivalent of running under root: If e.g. a vulnerability in your browser is exploited, any data can be changed; in particular, the attacker will get a rootkit installed in the same manner as if you were root - he does not need a privilege escalation bug to achieve this, since your configuration is that bug :wink:


Well, it's not THAT bad (but I still wouldn't do it). All files under /bin, /sbin/, /lib are only writeable by uid=root. Moreover, with gid=root but uid!=root, one does not have special privileges by oneself (seteuid, setegid, ...); gid=root is not a special group like uid=root is a special user.
_________________
Death by snoo-snoo!
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6747

PostPosted: Sat May 18, 2013 2:02 pm    Post subject: Reply with quote

papahuhn wrote:
Well, it's not THAT bad (but I still wouldn't do it). All files under /bin, /sbin/, /lib are only writeable by uid=root.

You can just write on the disk by /dev/sd* and thus change anything which you want. If you do not want to install a full rootkit in this way: You only need to save your install program and make it suid root by writing to /dev/sd*, and you can install your rootkit with full root privileges. There are probably also many other possibilities to become root if you belong to all groups: Also do not forget that you have full access to the whole memory (at least readonly), to all tty's, to the printer daemon (which has also a part running as root) etc. If you use a broken design concept like polkit (with a root daemon running), it is probably also easy to obtain root privileges in this way.
Back to top
View user's profile Send private message
papahuhn
l33t
l33t


Joined: 06 Sep 2004
Posts: 626

PostPosted: Sat May 18, 2013 3:15 pm    Post subject: Reply with quote

You're right, the disk-group weighs pretty heavy here.
_________________
Death by snoo-snoo!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum