File permission problem


March 27, 2007

Dan just found a bug in ‘rev 688’ of FreeNAS:

Here are some commands entered by a simple user (not root, not in the wheel group):

> mount
/dev/md0 on / (ufs, local)
devfs on /dev (devfs, local)
/dev/raid5/BigDiskp1 on /mnt/big_share (ufs, local, soft-updates, acls)
/dev/ad0s1 on /cf (ufs, local, read-only)
> ls -alh
total 20501
drwxrwxrwx 3 root wheel 512B Mar 27 23:36 .
drwxrwxrwx 3 root wheel 512B Mar 27 23:33 ..
drwxrwxr-x 2 root operator 512B Mar 26 23:54 .snap
-rw------- 1 root wheel 20M Mar 27 23:36 swap_file
> rm swap_file
override rw------- root/wheel for swap_file? y
> ls -alh
total 5
drwxrwxrwx 3 root wheel 512B Mar 27 23:55 .
drwxrwxrwx 3 root wheel 512B Mar 27 23:33 ..
drwxrwxr-x 2 root operator 512B Mar 26 23:54 .snap

Yes… a simple user can delete a ‘600’ file!
Then I tried with a system file:

> ls -alh /var/etc/master.passwd
-rw------- 1 root wheel 899B Mar 27 23:36 /var/etc/master.passwd
> rm /var/etc/master.passwd
override rw------- root/wheel for /var/etc/master.passwd? y
rm: /var/etc/master.passwd: Permission denied

Now I must find the difference between these two files…
Why can I delete the swap_file?
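
The listing above shows the share directory `.` as `drwxrwxrwx` with no sticky bit (`t`), and on Unix removing a file is a write to its directory, so the file's own 600 mode does not prevent deletion there. The following shell check for that condition is an added example, not part of the original post or of FreeNAS; the function names and the constructed demo tree (including the 0755 mode of the `etc` stand-in, which the post does not show) are assumptions.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# Return 0 if DIR is world-writable with no sticky bit: any local user can
# then unlink or rename its entries, whatever the entries' own modes are.
dir_allows_foreign_delete() {
    [ -d "$1" ] || return 2
    # -prune keeps find on DIR itself; "-perm -MODE" means all those bits set.
    [ -n "$(find "$1" -prune -type d -perm -0002 ! -perm -1000 -print)" ]
}

# Print every such directory below ROOT without crossing filesystems.
list_risky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Report whether FILE's parent directory leaves it open to deletion.
# EXPOSED      = parent is world-writable and not sticky
# PARENT-GATED = deletion is limited by the parent's mode or sticky bit
explain_delete() {
    if dir_allows_foreign_delete "$(dirname -- "$1")"; then
        echo "EXPOSED"
    else
        echo "PARENT-GATED"
    fi
}

# Demo on a constructed tree (not the FreeNAS box from the post).
demo=$(mktemp -d)
mkdir "$demo/big_share" "$demo/etc"
chmod 0777 "$demo/big_share"   # same mode as "." in the listing
chmod 0755 "$demo/etc"         # assumed mode, not shown in the post
: > "$demo/big_share/swap_file";  chmod 0600 "$demo/big_share/swap_file"
: > "$demo/etc/master.passwd";    chmod 0600 "$demo/etc/master.passwd"
for f in "$demo/big_share/swap_file" "$demo/etc/master.passwd"; do
    printf '%s: %s\n' "$f" "$(explain_delete "$f")"
done
chmod 1777 "$demo/big_share"   # sticky bit, as on /tmp
printf 'after chmod 1777: %s\n' "$(explain_delete "$demo/big_share/swap_file")"
rm -rf "$demo"
```

Running `list_risky_dirs /mnt` on a storage box lists every share directory in this state.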
