Permissions in Linux is the first thing every new user has to get acquainted with, and not all guides give a complete picture of the processes taking place in the system.
Habré already has a wonderful article about access rights, but here I wanted to describe what will happen in your system after
chmod -R 777 /
For a beginner, it may seem that by setting and returning the rights back, no damage to the system will be possible, because we returned everything as it was. So, with full confidence in our actions, we enter the command and assign all rights to all files in the system. What can go wrong?
1. We said goodbye to security forever.
Well, it was a conscious risk and the security issue was of little concern to us whether the system would remain operational?
2. The first string of mistakes
The sudo, sendmail, and a number of other commands will simply stop working. The bottom line is that these commands check the permissions of key files, see that they differ from the expected ones and give an error.
3. 777 is actually 0 777
The most significant bit is the setuid and setgid bits. They are required to run files with certain privileges. Now this bit is 0 , and this will undoubtedly lead to countless errors.
4. /tmp and /var/tmp are badly affected
The access rights are sticky bit it protects files from being deleted by people who don’t own them. This is necessary because some scripts clean up the /tmp directories and without the sticky bit set, we say goodbye to all files in this directory.
5. Now every file on your system is executable.
Yes, now every file on your system is executable, and for unscrupulous people, the possibilities are endless. We can easily force us to run malicious code by naming it with a command name, and this is only a small part of the risks that arise.
Can the system be fixed?
Theoretically yes, but rather for educational purposes. If we need a fully functional and trouble-free system, the most rational solution would be a complete reinstallation, or a rollback to an existing backup. Thus, careless handling of a command that seems to be known to us can lead to a large number of problems.