2

I was wondering if it was possible to somehow get the contents of a file which you do not have read access to. I first attempted trying to get around the permissions using the inode number of the file, but I was unsuccessful. My teacher made a file which he said he locked up well, but that there were a few ways of getting to its contents. Getting into the file has nothing to do with our assignment, but I was curious as to how this could be done if it could be done. I did a bit of research, and the only post I found relating to this was to grab the inode number of the file, but after doing that, there was not too much more information regarding it. Any savvy bash/Linux users have a solution to do this?

Thanks!

TEEBQNE
  • 121

1 Answers1

1

NO. Unlike executable binary output, the binary loader is a special beast with privs to read files and set them into execution. Thus for binary files EXECUTABLE access is sufficient to get the program read and executed.

However, a shell is only an interpreter and does not have such special abilities, and as a typical progam without any special abilities, must read a file. Thus READ access is required for a file to be "input" to a shell command processor.

mdpc
  • 6,834
  • When I run ls -l the permissions come back as: -rws--x---. – TEEBQNE Nov 02 '18 at 20:47
  • @user3657449 It is possible to execute a file to which you don't have read permissions provided that it's not a script or otherwise interactive. That file has setuid which means that it will run with the permissions of the owner. – Nasir Riley Nov 02 '18 at 21:21
  • @NasirRiley Is there a way to piggyback on this permission to output all commands run in the script to the standard output? – TEEBQNE Nov 02 '18 at 21:38
  • @user3657449 If it's a binary then you can use strace to see the system calls. If it's a script then it won't be possible because it won't run due to your inability to read the file. – Nasir Riley Nov 02 '18 at 21:41
  • @user357449 - if it is a script, all you would have to do is cat scriptname since all shell scripts have to have READ access. – mdpc Nov 02 '18 at 21:41
  • @mdpc If I try anything like cat, less, head, tail, etc. I get permission denied. – TEEBQNE Nov 02 '18 at 21:52
  • @NasirRiley Is there any way to use strace to print out the exact lines used in the file? Or just the system calls it reports? – TEEBQNE Nov 02 '18 at 22:22
  • @user3657449 It is just the system calls. Like I said, you can't read the lines within because you don't have read access to it. – Nasir Riley Nov 02 '18 at 23:04
  • @mdpc The script only has to have read access for the user who is executing it. If someone without read access tries to use cat, less, or any other command that is used to read the file it then they'll get permission denied. – Nasir Riley Nov 02 '18 at 23:05
  • No, the binary loader / dynamic linker / ELF interpreter (ld.so) doesn't have any extra privileges. It's not a setuid, setgid or setcap executable; the ELF interpreter is able to "read" a non-readable binary executable because the kernel loads the binary in the virtual memory of the process before loading and running the interpreter. The interpreter doesn't open the file via the file system and doesn't need to bypass any permission. –  Oct 13 '20 at 05:42