# browsing from cloud into root

## squirrelsoup

when using gmail i noticed that i am able to upload any file for example /var/log/messages into the gmail cloud, is that normal behavior, or am i missing something?

the disk is encrypted with luks lvm

----------

## NeddySeagoon

squirrelsoup,

Encryption is only useful while the volume and key are not associated.  Once its unlocked, the encryption becomes transparent.

Its only useful for keeping your secrets safe while the volume is not mounted, as that's typically when you enter the key. 

I really hope you are missing something.  First of all, you are not running gmail as root are you?

That would be a very bad thing. 

Whate does 

```
$ ls -l /var/log/
```

show?  As a worked example, I get

```
-rw-r--r-- 1 root     roy         30577 Jan  3 12:34 Xorg.0.log

-rw-r--r-- 1 root     roy         30778 Jan  2 23:50 Xorg.0.log.old

drwx------ 2 root     root         4096 Dec 28 16:39 critical

drwx------ 2 root     root         4096 Jan  3 12:33 cron

drwxr-xr-x 2 root     root         4096 Jan  1 18:19 cups

-rw-r--r-- 1 root     root            0 May  3  2016 distccd

-rw-r----- 1 root     root        68266 Jan  3 12:33 dmesg

-rw-rw---- 1 portage  portage      1074 Jan  3 13:16 emerge-fetch.log

-rw-rw---- 1 portage  portage   9414670 Jan  3 13:16 emerge.log

drwx------ 2 root     root         4096 Jan  3 12:33 everything

drwxr-xr-x 2 root     root         4096 Dec 20 12:13 ipsec

drwx------ 2 root     root         4096 Jan  3 12:33 kernel

-rw-r--r-- 1 root     root       292292 Jan  3 12:34 lastlog

drwxr-xr-x 3 root     root         4096 Nov  8  2014 libvirt

drwxr-xr-x 2 mysql    mysql        4096 Jul 19  2014 mysql

drwxrwx--- 2 nullmail nullmail     4096 Jan  1 18:18 nullmailer

drwxrws--- 3 portage  portage    102400 Jan  2 17:56 portage

drwx------ 2 root     root         4096 Jan  3 12:33 pwdfail

-rw------- 1 root     root        50285 Dec 24  2015 racoon_responder.log

-rw------- 1 root     root       255240 Dec 24  2015 racoon_sender.log

-rw------- 1 root     root      1405544 Dec 29  2015 racoon_to_tupp.log

drwxrwx--- 2 root     root         4096 Jan  1 16:00 sandbox

drwx------ 2 root     root         4096 Jan  3 12:33 sshd

-rw------- 1 root     root        64064 Jan  3 12:34 tallylog

drwx------ 2 root     root         4096 Jan  3 12:33 telnet

-rw-rw-r-- 1 root     utmp     21368832 Jan  3 12:34 wtmp
```

My username is roy, so I can only see files that are 

a) belong to me 

b) have a group access, where I am a member of the group

c) world readable 

Late thought ... your normal user is not in the root group I hope.  That's the same as running everything as root.

My groups are

```
$ groups

tty wheel uucp audio cdrom video games kvm cdrw users vboxusers scanner wireshark plugdev roy
```

----------

## squirrelsoup

does this means i am not running as root?

```
nano /var/log/messages

[ Error reading /var/log/messages: Permission denied ]
```

```
ls -l /var/log/

total 2632

drwxr-xr-x 2 root    root               4096 Jan  2 20:57 ConsoleKit

-rw-r--r-- 1 root    f33lfr33d0ml00p   36580 Jan  4 05:21 Xorg.0.log

-rw-r--r-- 1 root    f33lfr33d0ml00p   27069 Jan  3 11:03 Xorg.0.log.old

drwxr-xr-x 2 root    root               4096 Jan  3 10:45 aide

drwxr-xr-x 2 root    root               4096 Jan  2 20:35 cups

-rw-r----- 1 root    root              50233 Jan  3 11:04 dmesg

-rw-rw---- 1 portage portage            5696 Jan  3 10:41 emerge-fetch.log

-rw-rw---- 1 portage portage          443827 Jan  3 10:45 emerge.log

-rw-r--r-- 1 root    root            1523789 Jan  2 19:01 genkernel.log

-rw-r--r-- 1 root    root             292292 Jan  3 11:05 lastlog

-rw------- 1 root    root             173703 Jan  4 06:13 messages

drwxrwsr-x 3 portage portage            4096 Dec 29 03:05 portage

drwxrwx--- 2 root    portage            4096 Jan  2 21:41 sandbox

-rw------- 1 root    root              64064 Jan  3 11:05 tallylog

-rw-r--r-- 1 root    root             226470 Jan  2 22:49 vbox-install.log

-rw-rw-r-- 1 root    utmp             134016 Jan  3 11:05 wtmp

```

----------

## NeddySeagoon

squirrelsoup, 

```
-rw------- 1 root    root             173703 Jan  4 06:13 messages
```

Shows that only the owner, in this case root, has access to the file.  That you got a permission denied error

```
nano /var/log/messages

[ Error reading /var/log/messages: Permission denied ]
```

shows the user you are running as is not root.

The eXecute bit on directories is a bit odd.  You would never execute a directory, so its used for something else.

If you have --x on a directory as owner, group or world, yo are permitted to cd to the directory.

As your normal user, try ls /root and cd /root.

Both should fail.  You should not even be able to 

```
ls /root/file
```

even if you know file exists.

So, your normal user can see that /var/log/messages exits but not access it.

I suspect that your mail client will get the Permission denied error when it tries to read the file to attach it to the email.

You might like to test the last bit of that.

What groups are you in?

----------

