| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bug-36312-13602@https.bugzilla.kernel.org/>
Date: Tue, 31 May 2011 00:19:20 GMT
From: bugzilla-daemon@...zilla.kernel.org
To: linux-ext4@...r.kernel.org
Subject: [Bug 36312] New: User belonging to another Group has no access when
chmod 0040
https://bugzilla.kernel.org/show_bug.cgi?id=36312
Summary: User belonging to another Group has no access when
chmod 0040
Product: File System
Version: 2.5
Kernel Version: 2.6.39
Platform: All
OS/Version: Linux
Tree: Mainline
Status: NEW
Severity: low
Priority: P1
Component: ext4
AssignedTo: fs_ext4@...nel-bugs.osdl.org
ReportedBy: ubuntuefnet@...il.com
Regression: Yes
This may not be a bug, this may be intentional - however it was considered
pretty damn weird when encountered and worth a mention.
Say we have user 'bob', he is the owner of file 'accounting.txt' and
'accounting.txt' has group 'staff' attributed to the file which 'bob' is a part
of. If the permissions for the file only have group perms (e.g 0060), 'bob'
will not be able to access 'accounting.txt', however all other users in the
'staff' group will have access.
Replication via CLI:
touch myfile.txt && chown `whoami`:`groups | awk '{print $2}'` myfile.txt &&
chmod 0040 myfile.txt && cat myfile.txt
System: Debian 6.0.1
Arch: x86_64
Kernel: 2.6.39
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists