How to view other users' files? Ubuntu 16.04 [closed]
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
Can I view files from other users on the same local machine if I am root? If so, how?
linux files users
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
asked Apr 29 at 17:40
axxic3
2016
closed as off-topic by Jeff Schaller, G-Man, telcoM, X Tian, jimmij Apr 30 at 13:48
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, telcoM
add a comment |Â
up vote
0
down vote
favorite
Can I view files from other users on the same local machine if I am root? If so, how?
linux files users
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
asked Apr 29 at 17:40
axxic3
2016
closed as off-topic by Jeff Schaller, G-Man, telcoM, X Tian, jimmij Apr 30 at 13:48
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, telcoM
1
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
Can I view files from other users on the same local machine if I am root? If so, how?
linux files users
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
asked Apr 29 at 17:40
axxic3
2016
Can I view files from other users on the same local machine if I am root? If so, how?
linux files users
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
asked Apr 29 at 17:40
axxic3
2016
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
edited Apr 29 at 19:05
Jeff Schaller
31.1k846105
31.1k846105
asked Apr 29 at 17:40
axxic3
2016
asked Apr 29 at 17:40
axxic3
2016
asked Apr 29 at 17:40
axxic3
2016
2016
closed as off-topic by Jeff Schaller, G-Man, telcoM, X Tian, jimmij Apr 30 at 13:48
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, telcoM
closed as off-topic by Jeff Schaller, G-Man, telcoM, X Tian, jimmij Apr 30 at 13:48
This question appears to be off-topic. The users who voted to close gave this specific reason:
- "Questions describing a problem that can't be reproduced and seemingly went away on its own (or went away when a typo was fixed) are off-topic as they are unlikely to help future readers." – Jeff Schaller, telcoM
1
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52
add a comment |Â
1
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52
1
1
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52
add a comment |Â
3 Answers
3
active
oldest
votes
up vote
0
down vote
accepted
You can $ sudo su and you're effectively a root user now.
And, Go / (root) and see /home folder can find all the user on the machine.
answered Apr 29 at 18:02
null byte
312
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
add a comment |Â
up vote
0
down vote
You can also do:
# su user
as root to become that user and see his files
answered Apr 29 at 18:28
Marco Caggiano
11
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, andhistory -ctakes care of that.
– dsstorefile1
Apr 29 at 22:57
add a comment |Â
up vote
0
down vote
Switching to a different user account from root is not safe by default.
It's much safer to directly browse into the desired directory as the root user than use su or sudo to switch users since the latter allows an infected user to automatically execute arbitrary commands as root via the TIOCSTI ioctl by pushing commands onto root's tty.
For instance, suppose there's a binary hacksu that takes advantage of the TIOCSTI ioctl and that an intruder has modified the infected user account [user]'s .bashrc to execute this binary when the shell starts.
$ tail -n3 /home/[user]/.bashrc
echo hi
/opt/hacksu -- $'echo "hello world" >> /tmp/file1nfg'
echo bye
$ _
Then, when root uses su on the infected user, the infected user gets to execute arbitrary commands as root.
root@host:~# su - [user]
The 8 following lines print themselves to the terminal without user interaction since sourcing .bashrc is automatic.
echo "hello world" >> /tmp/file
1
fg
[1]+ Stopped su - [user]
root@host:~# echo "hello world" >> /tmp/file1
root@host:~# fg
su - [user]
bye
Now, root realizes something is up and closes the [user] shell to check out what [user]'s .bashrc did.
[user]@host:~$ logout
root@host:~# ll /tmp/file1
-rw-r--r-- 1 root root 12 Apr 15 00:47 /tmp/file1 # owned by root (!)
root@host:~# cat -v /tmp/file1
hello world
root@host:~# # oops ..
In the above scenario, [user] has just written to an arbitrary file as the root user. In practice, the executed commands could do anything root could. Imagine, for instance, if the hacksu binary had been called to modify /etc/shadow instead.
The source for the POC hacksu binary can be found at https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/. Don't switch to another user as root unless you've worked around the threat of an infected user account.
answered Apr 29 at 23:07
dsstorefile1
1,516212
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
accepted
You can $ sudo su and you're effectively a root user now.
And, Go / (root) and see /home folder can find all the user on the machine.
answered Apr 29 at 18:02
null byte
312
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
add a comment |Â
up vote
0
down vote
accepted
You can $ sudo su and you're effectively a root user now.
And, Go / (root) and see /home folder can find all the user on the machine.
answered Apr 29 at 18:02
null byte
312
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
add a comment |Â
up vote
0
down vote
accepted
up vote
0
down vote
accepted
You can $ sudo su and you're effectively a root user now.
And, Go / (root) and see /home folder can find all the user on the machine.
answered Apr 29 at 18:02
null byte
312
You can $ sudo su and you're effectively a root user now.
And, Go / (root) and see /home folder can find all the user on the machine.
answered Apr 29 at 18:02
null byte
312
answered Apr 29 at 18:02
null byte
312
answered Apr 29 at 18:02
null byte
312
answered Apr 29 at 18:02
null byte
312
312
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
add a comment |Â
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
Out the question , for shared is it possible to disable root privilege for regular user , let say users have access to remote server system
– Salem F
Apr 30 at 2:34
1
1
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
$ vim /etc/sudoers $ sudo deluser USERNAME sudo. This will take sudo access away from the particular user.
– null byte
Apr 30 at 3:23
add a comment |Â
up vote
0
down vote
You can also do:
# su user
as root to become that user and see his files
answered Apr 29 at 18:28
Marco Caggiano
11
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, andhistory -ctakes care of that.
– dsstorefile1
Apr 29 at 22:57
add a comment |Â
up vote
0
down vote
You can also do:
# su user
as root to become that user and see his files
answered Apr 29 at 18:28
Marco Caggiano
11
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, andhistory -ctakes care of that.
– dsstorefile1
Apr 29 at 22:57
add a comment |Â
up vote
0
down vote
up vote
0
down vote
You can also do:
# su user
as root to become that user and see his files
answered Apr 29 at 18:28
Marco Caggiano
11
You can also do:
# su user
as root to become that user and see his files
answered Apr 29 at 18:28
Marco Caggiano
11
answered Apr 29 at 18:28
Marco Caggiano
11
answered Apr 29 at 18:28
Marco Caggiano
11
answered Apr 29 at 18:28
Marco Caggiano
11
11
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, andhistory -ctakes care of that.
– dsstorefile1
Apr 29 at 22:57
add a comment |Â
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, andhistory -ctakes care of that.
– dsstorefile1
Apr 29 at 22:57
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
isn't this supposed to leave traces if you work as that user? like history items etc
– AnonymousLurker
Apr 29 at 20:16
@AnonymousLurker Yes, and
history -c takes care of that.– dsstorefile1
Apr 29 at 22:57
@AnonymousLurker Yes, and
history -c takes care of that.– dsstorefile1
Apr 29 at 22:57
add a comment |Â
up vote
0
down vote
Switching to a different user account from root is not safe by default.
It's much safer to directly browse into the desired directory as the root user than use su or sudo to switch users since the latter allows an infected user to automatically execute arbitrary commands as root via the TIOCSTI ioctl by pushing commands onto root's tty.
For instance, suppose there's a binary hacksu that takes advantage of the TIOCSTI ioctl and that an intruder has modified the infected user account [user]'s .bashrc to execute this binary when the shell starts.
$ tail -n3 /home/[user]/.bashrc
echo hi
/opt/hacksu -- $'echo "hello world" >> /tmp/file1nfg'
echo bye
$ _
Then, when root uses su on the infected user, the infected user gets to execute arbitrary commands as root.
root@host:~# su - [user]
The 8 following lines print themselves to the terminal without user interaction since sourcing .bashrc is automatic.
echo "hello world" >> /tmp/file
1
fg
[1]+ Stopped su - [user]
root@host:~# echo "hello world" >> /tmp/file1
root@host:~# fg
su - [user]
bye
Now, root realizes something is up and closes the [user] shell to check out what [user]'s .bashrc did.
[user]@host:~$ logout
root@host:~# ll /tmp/file1
-rw-r--r-- 1 root root 12 Apr 15 00:47 /tmp/file1 # owned by root (!)
root@host:~# cat -v /tmp/file1
hello world
root@host:~# # oops ..
In the above scenario, [user] has just written to an arbitrary file as the root user. In practice, the executed commands could do anything root could. Imagine, for instance, if the hacksu binary had been called to modify /etc/shadow instead.
The source for the POC hacksu binary can be found at https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/. Don't switch to another user as root unless you've worked around the threat of an infected user account.
answered Apr 29 at 23:07
dsstorefile1
1,516212
add a comment |Â
up vote
0
down vote
Switching to a different user account from root is not safe by default.
It's much safer to directly browse into the desired directory as the root user than use su or sudo to switch users since the latter allows an infected user to automatically execute arbitrary commands as root via the TIOCSTI ioctl by pushing commands onto root's tty.
For instance, suppose there's a binary hacksu that takes advantage of the TIOCSTI ioctl and that an intruder has modified the infected user account [user]'s .bashrc to execute this binary when the shell starts.
$ tail -n3 /home/[user]/.bashrc
echo hi
/opt/hacksu -- $'echo "hello world" >> /tmp/file1nfg'
echo bye
$ _
Then, when root uses su on the infected user, the infected user gets to execute arbitrary commands as root.
root@host:~# su - [user]
The 8 following lines print themselves to the terminal without user interaction since sourcing .bashrc is automatic.
echo "hello world" >> /tmp/file
1
fg
[1]+ Stopped su - [user]
root@host:~# echo "hello world" >> /tmp/file1
root@host:~# fg
su - [user]
bye
Now, root realizes something is up and closes the [user] shell to check out what [user]'s .bashrc did.
[user]@host:~$ logout
root@host:~# ll /tmp/file1
-rw-r--r-- 1 root root 12 Apr 15 00:47 /tmp/file1 # owned by root (!)
root@host:~# cat -v /tmp/file1
hello world
root@host:~# # oops ..
In the above scenario, [user] has just written to an arbitrary file as the root user. In practice, the executed commands could do anything root could. Imagine, for instance, if the hacksu binary had been called to modify /etc/shadow instead.
The source for the POC hacksu binary can be found at https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/. Don't switch to another user as root unless you've worked around the threat of an infected user account.
answered Apr 29 at 23:07
dsstorefile1
1,516212
add a comment |Â
up vote
0
down vote
up vote
0
down vote
Switching to a different user account from root is not safe by default.
It's much safer to directly browse into the desired directory as the root user than use su or sudo to switch users since the latter allows an infected user to automatically execute arbitrary commands as root via the TIOCSTI ioctl by pushing commands onto root's tty.
For instance, suppose there's a binary hacksu that takes advantage of the TIOCSTI ioctl and that an intruder has modified the infected user account [user]'s .bashrc to execute this binary when the shell starts.
$ tail -n3 /home/[user]/.bashrc
echo hi
/opt/hacksu -- $'echo "hello world" >> /tmp/file1nfg'
echo bye
$ _
Then, when root uses su on the infected user, the infected user gets to execute arbitrary commands as root.
root@host:~# su - [user]
The 8 following lines print themselves to the terminal without user interaction since sourcing .bashrc is automatic.
echo "hello world" >> /tmp/file
1
fg
[1]+ Stopped su - [user]
root@host:~# echo "hello world" >> /tmp/file1
root@host:~# fg
su - [user]
bye
Now, root realizes something is up and closes the [user] shell to check out what [user]'s .bashrc did.
[user]@host:~$ logout
root@host:~# ll /tmp/file1
-rw-r--r-- 1 root root 12 Apr 15 00:47 /tmp/file1 # owned by root (!)
root@host:~# cat -v /tmp/file1
hello world
root@host:~# # oops ..
In the above scenario, [user] has just written to an arbitrary file as the root user. In practice, the executed commands could do anything root could. Imagine, for instance, if the hacksu binary had been called to modify /etc/shadow instead.
The source for the POC hacksu binary can be found at https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/. Don't switch to another user as root unless you've worked around the threat of an infected user account.
answered Apr 29 at 23:07
dsstorefile1
1,516212
Switching to a different user account from root is not safe by default.
It's much safer to directly browse into the desired directory as the root user than use su or sudo to switch users since the latter allows an infected user to automatically execute arbitrary commands as root via the TIOCSTI ioctl by pushing commands onto root's tty.
For instance, suppose there's a binary hacksu that takes advantage of the TIOCSTI ioctl and that an intruder has modified the infected user account [user]'s .bashrc to execute this binary when the shell starts.
$ tail -n3 /home/[user]/.bashrc
echo hi
/opt/hacksu -- $'echo "hello world" >> /tmp/file1nfg'
echo bye
$ _
Then, when root uses su on the infected user, the infected user gets to execute arbitrary commands as root.
root@host:~# su - [user]
The 8 following lines print themselves to the terminal without user interaction since sourcing .bashrc is automatic.
echo "hello world" >> /tmp/file
1
fg
[1]+ Stopped su - [user]
root@host:~# echo "hello world" >> /tmp/file1
root@host:~# fg
su - [user]
bye
Now, root realizes something is up and closes the [user] shell to check out what [user]'s .bashrc did.
[user]@host:~$ logout
root@host:~# ll /tmp/file1
-rw-r--r-- 1 root root 12 Apr 15 00:47 /tmp/file1 # owned by root (!)
root@host:~# cat -v /tmp/file1
hello world
root@host:~# # oops ..
In the above scenario, [user] has just written to an arbitrary file as the root user. In practice, the executed commands could do anything root could. Imagine, for instance, if the hacksu binary had been called to modify /etc/shadow instead.
The source for the POC hacksu binary can be found at https://www.halfdog.net/Security/2012/TtyPushbackPrivilegeEscalation/. Don't switch to another user as root unless you've worked around the threat of an infected user account.
answered Apr 29 at 23:07
dsstorefile1
1,516212
answered Apr 29 at 23:07
dsstorefile1
1,516212
answered Apr 29 at 23:07
dsstorefile1
1,516212
answered Apr 29 at 23:07
dsstorefile1
1,516212
1,516212
add a comment |Â
add a comment |Â
1
I am root. I think I figured it out, navigated to /home/username as root. LoL
– axxic3
Apr 29 at 17:52