On shared unix hosting, if I have a file sensitive-data.txt and I issue:
chmod 600 sensitive-data.txt
Can root user still read my file? Specifically I'm wondering if it's safe to store my password in mercurial hgrc file.
UPDATE
Decided to use the mecurial keyring extension as it was super easy to setup:
pip install mercurial_keyring
and then add to hgrc:
[extensions]
mercurial_keyring =
However I'm still interested in the answer to this question.
Best Answer
Yes, root can:
In any case, even if root couldn't read your files as root, they can always log in as you without a password:
So,
root
can change to any other username usingsu
(orsudo -iu username
) and will then be able to do anything at all as though they were you.