How to access another user's folder from another user account

Question

I have some downloads in my root user /root/Downloads folder. How can I access them from another not-root-user account?

set not-root-user as root group beside user group. not root user can access root thru root group. — supriady, Feb 22 '17 at 13:43

score 6 · Answer 1 · answered Feb 22 '17 at 12:00

6

It would be possible to access the root's files/directories by simply changing the permissions. However I don't recommend to do so because this would be a big security hole. However on personal computer, it won't be such a big issue. Still, if you want to achieve this, you would need to add the following permissions flags to the /root directory:

x - this means that you can open/access the directory (cd to dir) but you can't read it's contents

r - this will allow you to read the directory contents

chmod o+x,o+r /root

Note: You need to be root (su root) when running this command.

The directories inside /root should already have read/execute permissions for other users so you shouldn't encounter further issues.

answered Feb 22 '17 at 12:00

Iulian Paun

81

1

In order to access the files, only read permissions on the files themselves and x permission on all parent directories are required. The example here doesn't grant x access to the /root/Downloads directory. The r on /root or /root/Downloads isn't strictly speaking required if the user already knows the pathname for the files to access. – Thomas Nyman Feb 22 '17 at 12:24
As far as I know, directories inside root should already have x access, by default. – Iulian Paun Feb 22 '17 at 12:54
1

Depends on the umask. You're probably right if Kali matches Debian's default 0022. – Thomas Nyman Feb 22 '17 at 13:37

score 3 · Answer 2 · answered Feb 22 '17 at 11:23

3

By non-root-user you mean user that is not in sudoers file or just other user that can execute command as root with sudo?

In a former occasion - there is no way you can access root's home folder.

In the later, you can sudo su and you're effectively a root user now (if sudo doesn't restrict user's priveleges in any way explicitly).

answered Feb 22 '17 at 11:23

ddnomad

1,978
2
16
31

1

This is a good point. I like sudo su -, though nowadays I use sudo -i. There are issues if you want to run GUI apps though. – sourcejedi Feb 22 '17 at 13:10

Thomas Nyman · Answer 3 · 2017-02-22T12:26:51.583

Assign the files to a group to which the non-root user belongs to.

In most modern Linux systems, each user have their own group corresponding to their username.

You can change the group ownership of a file or directory with the chgrp command:

chgrp group_name pathname

However, note that the non-root user also needs directory access for all parent directories, including /root itself, to access files under /root/Downloads, which is usually not allowed. Without read priviledges for the parent directories, there's still restrictions on listing the contents of the directory contents for directories under /root. In your particular case you would need to give x permissions for /root and /root/Downloads to regular users:

As root:

$ chmod o+x /root /root/Downloads
$ chgrp user /root/Downloads/file-non-root-user-needs-to-access

sourcejedi · Answer 4 · 2017-02-22T13:37:48.627

I strongly suggest you want to move them somewhere outside the directory /root. This will help avoid breaking the conventions on security, as others have warned about.

Moving files can be much faster than copying them. Provided they stay on the same filesystem, all that needs to be written is new file metadata (example: selinux).

E.g. you can create /shared-readonly/ and move files there with mv. You don't need to change access modes at all :). This specific setup (or using /home/shared-readonly) is very nice and simple. I've used it several times myself. (Directories which can be written by multiple users are inherently a bit more complex; sadly they're not as robust on Linux as they could be).

You could additionally limit this sharing to not-root-user, e.g. to avoid exposing personal data to arbitrary non-root daemons. Create a group as follows, e.g. here I name it conspiracy:

groupadd conspiracy
usermod -a -G conspiracy not-root-user
chgrp conspiracy /shared-readonly
chmod o-rx /shared-readonly

not-root-user will need to log out and back in, before they are recognized as a member of conspiracy. Use id -a to check their membership.

If you like to have convenient, visible access to the files as the root user, you can also create a symbolic link to them. E.g. ln -s /shared-readonly .

score 0 · Answer 5 · edited Oct 11 '18 at 19:53

This answer is for Kali Linux (Linux basically) and may not work for Ubuntu.

I have a better answer to solve the issue as I've just solved mine.

The most voted answer here doesn't work for Kali Linux (don't know about Ubuntu). The error is
chmod: invalid mode: ‘o+x,’ Try 'chmod --help' for more information.

Now the solution without any code:

Go to the root account and right click the folder you want to share with other accounts that is in this case /root/Downloads.
Select properties, go to the permissions tab
Then select "Create and Delete files" in the drop-down menu of Others access.
Click on Change Permissions for Enclosed files and select "read
and write" and "Create and Delete files" in the drop-down menus of
Others.
Click change and Close it. Log out of the account.
Now log-in into your user account.
Open Files manager, go to Others -> Computer -> root -> Downloads.
You'll find your files here.

How to access another user's folder from another user account

5 Answers5