Re: file system permissions regression affecting root

From: Christian Kujau
Date: Sun May 17 2020 - 00:47:50 EST


On Wed, 13 May 2020, Patrick Donnelly wrote:
> However, it seems odd that this depends on the owner of the directory.
> i.e. this protection only seems to be enforced if the sticky directory
> is owned by root. That's expected?

According to the documentation[0] this appears to be intentional:

protected_regular:
[...]
When set to "1" don't allow O_CREAT open on regular files that we
don't own in world writable sticky directories, unless they are
owned by the owner of the directory.

C.

[0] https://www.kernel.org/doc/Documentation/sysctl/fs.txt
--
BOFH excuse #263:

It's stuck in the Web.
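
An added example, not part of the original message and not kernel source: a userspace model in C of the protected_regular "1" rule as quoted from fs.txt above, run over several owner combinations to show how the directory-owner exemption changes the outcome for the same caller. The helper name, UIDs and mode values are constructed for illustration, and only the quoted "1" setting is modeled.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>

#ifndef S_ISVTX
#define S_ISVTX 01000   /* sticky bit, if the headers hide it */
#endif

/* Constructed st_mode values for the scenarios below. */
enum { STICKY_1777 = 0041777, PLAIN_0777 = 0040777, REG_0644 = 0100644 };

/* Hypothetical helper modeling the quoted rule for protected_regular=1.
 * Returns 1 when an O_CREAT open of an existing file would be refused. */
int ocreat_refused(int protected_regular, mode_t dir_mode, uid_t dir_uid,
                   mode_t file_mode, uid_t file_uid, uid_t caller_fsuid)
{
    if (!protected_regular || !S_ISREG(file_mode))
        return 0;   /* sysctl off, or not a regular file */
    if (!(dir_mode & S_ISVTX) || !(dir_mode & S_IWOTH))
        return 0;   /* not a world-writable sticky directory */
    if (file_uid == caller_fsuid)
        return 0;   /* rule covers only "files that we don't own" */
    if (file_uid == dir_uid)
        return 0;   /* exemption: file owned by the directory's owner */
    return 1;       /* the quoted text has no carve-out for uid 0 */
}

int main(void)
{
    const uid_t root = 0, alice = 1000, bob = 1001;   /* constructed UIDs */
    struct { const char *what; mode_t dmode; uid_t downer, fowner, caller; } s[] = {
        { "root-owned sticky dir, alice's file, root opens",  STICKY_1777, root,  alice, root  },
        { "alice-owned sticky dir, alice's file, root opens", STICKY_1777, alice, alice, root  },
        { "alice-owned sticky dir, bob's file, root opens",   STICKY_1777, alice, bob,   root  },
        { "root-owned sticky dir, alice opens her own file",  STICKY_1777, root,  alice, alice },
        { "root-owned non-sticky 0777 dir, root opens",       PLAIN_0777,  root,  alice, root  },
    };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("%-50s -> %s\n", s[i].what,
               ocreat_refused(1, s[i].dmode, s[i].downer, REG_0644,
                              s[i].fowner, s[i].caller) ? "refused" : "allowed");
    return 0;
}
```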