0

So I was messing around with permissions on a Linux box and was trying to change permissions so a user couldn't access any folders other than what is in their home directory. I did sudo chmod 0750 /home/Guest and it stopped them from accessing the other folders in home, but not the root directory. So I then applied sudo chmod 0750 / and now I can't access any files or execute any commands. I came back to it and I can't even ssh to connect remotely anymore.

Am I screwed?

George
    You can repair that (you'll need to have some way of logging in locally of course, you can't log in over SSH after this), but if you don't know what you're doing, it'll be easier to reinstall. – Gilles 'SO- stop being evil' Oct 17 '16 at 23:23

1 Answer

-1

If you really only did chmod 0750 / and not chmod -R 0750 /, then there's probably no harm done. Just do chmod 0755 / and you should be fine.

If you did chmod -R 0750 /, you're quasi-screwed. You can probably get things back into working order with a little work.

Frankly, your best bet is to log in as root and execute chmod -R 0755 /. There's a good chance that this will break security models on your system, and some security-conscious software may refuse to run. Your system may or may not be stable after this.

Dunno exactly what dialect of Linux you were using, but many variants have some sort of "repair permissions" tool for just this type of emergency. That tool will go through the database of installed software, and restore every file to the permissions it was intended to have when it was installed.

If your system was installed from RPM packages, this answer shows commands you can give to cause rpm to reset permissions.

If you can't reset permissions, and your system becomes unstable (or you just don't trust it), then you're probably best off doing backups and then reinstalling your system.


In regards to what you were trying to do with Guest:

I'm guessing you thought that by removing permissions from /home/Guest, you were somehow creating a "wall" that the user wouldn't be able to pass. Unfortunately, permissions don't work that way. Any file for which the user can enter the path is accessible as long as the permissions for the file and its containing directories permit it.

As a general rule, without some advanced ACL lists or some such you can't just keep one user "sandboxed" by tweaking permissions as you did.

What you really wanted to do was to put that user into a "chroot" jail, where basically that user lives in a virtual system-within-a-system. It's not too hard to set up, but it's not trivial either.


Another approach you could have taken, and you're actually halfway there, is to make a list of all the groups that own all the files on the system, and put all your users except "Guest" into all of those groups. Then remove "other" access from all the files with

chmod -R o-rwx /

Which would have removed the "other" access from all files while leaving the "owner" and "group" permissions alone. Unfortunately for you, it's now too late for that.

The next step would have been to track down all the software that broke because it needed access to some file or another. This could have taken a very long time, and frankly your system would never be the same again.

And the step after that would be to find out what broke for "Guest" because of these permission changes. To start with, you would need to restore permissions for everything in /bin, /usr/bin, /lib, /usr/lib, /usr/local, /usr/share and who knows what else. Probably a lot of files in /etc, /var, and so forth.

Unless I was building embedded systems, and had the time to track down all those issues, I would not take this approach.


Edward Falk
  • Doing a recursive chmod to "fix" the problem won't fix it and could potentially make it worse. Among other things, you will remove the suid bit from any executable that has it. – Wildcard Oct 17 '16 at 23:48
  • Good point. Of course, OP has already done this if he already did a recursive chmod. At this point, unless there's a "repair permissions" tool, then it's game over. In fact, with all the SUID bits cleared, it may already be too late. – Edward Falk Oct 17 '16 at 23:49
  • Didn't you mean chmod 0755 /? If the OP didn't do a recursive chmod I don't think issuing one will help.. – IanC Oct 17 '16 at 23:52
  • As I said, if OP only did chmod 0750 /, then chmod 0755 / will fix it. If OP did chmod -R 0750 /, then he's probably screwed unless there's a permissions restoring tool and it still functions. Failing that, another recursive chmod might make the system usable again, but it probably won't be safe. – Edward Falk Oct 17 '16 at 23:58
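
The answer's rule that a file is reachable only if every containing directory permits it can be checked directly. The script below is an added example, not code from the question or the answer: it walks a path and reports the first directory that denies search (x) to the "other" class, using a scratch directory as a stand-in for /. The function names and the optional BASE argument are assumptions made for the illustration, and it relies on GNU stat.

```shell
#!/bin/sh
# Added example. Considers only the "other" permission class; ownership,
# group membership and ACLs are deliberately ignored (assumption).

# other_has_x DIR: succeed if DIR's mode grants search (x) to "other".
other_has_x() {
    mode=$(stat -c '%a' "$1") || return 2   # GNU stat, e.g. "750"
    last=${mode#"${mode%?}"}                # last octal digit = "other"
    [ $(( last & 1 )) -eq 1 ]
}

# other_can_traverse TARGET [BASE]: walk from BASE (default /) down to
# TARGET. Print the first directory that denies search to "other" and
# return 1; return 0 if every directory on the way allows it.
other_can_traverse() {
    target=$1
    cur=${2:-/}
    rest=${target#"$cur"}                   # components below BASE
    cur=${cur%/}                            # "/" becomes "" for joining
    other_has_x "${cur:-/}" || { printf '%s\n' "${cur:-/}"; return 1; }
    old_ifs=$IFS; IFS=/
    set -f; set -- $rest; set +f            # split on "/", no globbing
    IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue
        cur=$cur/$part
        [ -d "$cur" ] || break              # reached a non-directory
        other_has_x "$cur" || { printf '%s\n' "$cur"; return 1; }
    done
    return 0
}

# Constructed sample: a scratch directory stands in for "/".
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/home/Guest" "$root/bin"
    chmod 0755 "$root" "$root/home" "$root/bin"
    chmod 0750 "$root/home/Guest"           # first command in the question
    echo "Guest dir: $(other_can_traverse "$root/home/Guest" "$root")"
    echo "bin:       $(other_can_traverse "$root/bin" "$root" && echo ok)"
    chmod 0750 "$root"                      # second command: the fake "/"
    echo "bin now:   $(other_can_traverse "$root/bin" "$root")"
    chmod 0755 "$root"                      # the non-recursive fix
    echo "bin fixed: $(other_can_traverse "$root/bin" "$root" && echo ok)"
    rm -rf "$root"
}
demo
```

With 0750 on the stand-in root, the blocking directory reported for bin is the root itself, which is why one non-recursive chmod on / affects every path below it and why chmod 0755 / alone undoes it.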