I've made a file as root, and written a string in it. Now I've changed mode to "0" like this:
root# ls -al transit/
total 4.0K
---------- 1 root root 6 Jan 5 18:15 27050
root#
If I try to tail, head, or cat it, it works:
root# cat transit/27050
320646
root#
Why is it possible to read it?
Refer to the answer here.
Basically, rootness trumps permissions.
Permissions 000 means only root can read or write the file.
I'm not aware of any extra special use for the combination of root ownership and 000 permissions.
Also, you could find some worthy information from this question as well.
So, as user Hauke Laging points out in his answer,
Always assume that
root(and any other user/process withCAP_DAC_OVERRIDEandCAP_DAC_READ_SEARCH) can do everything unless an LSM (SELinux, AppArmor or similar) prevents him from doing that.That means also that you should assume that all your keystrokes can be read. Passwords aren't really safe. If you want a serious level of security then you must use a system which is completely controlled by you (and not even used by anyone else.
So, even permissions 000 cannot restrict the root user from reading file contents unless there is any LSM preventing the root user from reading the file contents.
