0

I'm self studying for my Linux+/LPIC-1 and I was working through the textbook titled "CompTIA Linux+ Guide to Linux certification" in conjunction with some video courses when this question arose. I googled around with terms such as "linux file ownership guest user". I can't seem to conjure up an answer without booting up a vm and going exploring in Linux.

I have very minimal experience with guest users in Linux and my questions are:

  1. do the permissions and ownership for guest users vary when compared to normal users?
  2. What occurs when a guest user creates a file? or is it expected that guest users don't have thoughs permissions?
  3. Is it bad practice to allow guest users to create files under specific directories?

I would like to kindly thank everyone who has allocated their valuable time to this question. Hopefully one day I can be as knowledgable as some of you and contribute back to the community :).

Improve this question
3
  • What do you mean by a "guest user?" In most linuxes, you can't log in to a machine without an account on that box. Commented Aug 29, 2017 at 15:26
  • When I say guest user, I'm referring to a user account that you configure for guest access through the display manager such as lightdm or other display managers. //edit I agree Linux requires secure acces (username and password) as stated in the material I'm learning from. But my understanding is guest accounts is a functionality of display managers that people some times enable to allow limited acces without requiring a username and password. I think that it does this by using an account with a blank password and authenticating for the guest in the backgroun but I'm unsure Commented Aug 29, 2017 at 15:44
  • OK, thanks. (Must not be any of the DMs I use.) Look into chroot jails and overlay/fusion filesystems, technologies that might let you confine such a user and delete their files automatically on logout. I bet that's how they handle it. Commented Aug 29, 2017 at 16:33

1 Answer 1

Reset to default
0

Does this explanation help? Basically the display manager executes some scripts/programs which create a temporary account.

There's nothing special about it, it's just a normal user account (though temporary), permissions and ownership are handled just like permission and ownership for any normal account, and it has a home directory just like any normal user.

What happens when this user creates a file depends on the details (which I haven't checked): Files created in the temporary home directory are deleted when the user logs out. Files created somewhere else (if the user is allowed to do that) stay, with the userid under which they are created, even though there may not be any user assigned to that id anymore (because the temporary username is deleted after logout).

It's a good idea to not let guest users create files except in their home directory, but I have no idea if this is enforced in this particular setup. You'd probably need to chroot for a secure enforcement, and I don't think this particular setup does that (though nothing prevents you to make a really safe environment for guest users. You don't even have to use this particular feature, a guest user with a fixed name is fine).

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.