lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <bug-60676-13602-4tfhYrgx4e@https.bugzilla.kernel.org/>
Date:	Thu, 01 Aug 2013 15:55:00 +0000
From:	bugzilla-daemon@...zilla.kernel.org
To:	linux-ext4@...r.kernel.org
Subject: [Bug 60676] Stat system call gives permission denied to root for
 links under a sticky bit

https://bugzilla.kernel.org/show_bug.cgi?id=60676

--- Comment #1 from Theodore Tso <tytso@....edu> ---
On Thu, Aug 01, 2013 at 03:02:36PM +0000, bugzilla-daemon@...zilla.kernel.org
wrote:
> 
> If a directory has a sticky bit set, root cannot use anything that makes the
> stat system call on any of the links there.
> 
> Example:
> > $ ls -ld /tmp/
> > drwxrwxrwt 17 root root 4825088 Aug  1 10:50 /tmp/
> > $ mkdir /tmp/testdir
> > $ touch /tmp/testdir/testfile
> > $ ln -s /tmp/testdir/ /tmp/testlink
> > $ ls /tmp/testlink/
> > testfile
> > $ su
> > # ls /tmp/testlink
> ls: cannot access /tmp/testlink: Permission denied
> > # ls /tmp/testdir
> > testfile

Works for me:

<tytso.root@...bda> {/tmp}, level 2  
509# ls -aldg /tmp
0 drwxrwxrwt 18 root 1840 Aug  1 11:10 /tmp/
<tytso.root@...bda> {/tmp}, level 2  
510# stat /tmp/testdir
  File: tmp/testdir'
  Size: 60              Blocks: 0          IO Block: 4096   directory
Device: 12h/18d Inode: 3290419     Links: 2
Access: (0700/drwx------)  Uid: (15806/   tytso)   Gid: (15806/   tytso)
Access: 2013-08-01 11:10:01.141462969 -0400
Modify: 2013-08-01 11:09:53.301463057 -0400
Change: 2013-08-01 11:10:51.261462406 -0400
 Birth: -
<tytso.root@...bda> {/tmp}, level 2  
511# stat /tmp/testfile
  File: tmp/testfile' -> stdir/testfile'
  Size: 16              Blocks: 0          IO Block: 4096   symbolic link
Device: 12h/18d Inode: 3288475     Links: 1
Access: (0777/lrwxrwxrwx)  Uid: (15806/   tytso)   Gid: (15806/   tytso)
Access: 2013-08-01 11:10:04.701462929 -0400
Modify: 2013-08-01 11:10:03.691462941 -0400
Change: 2013-08-01 11:10:03.691462941 -0400
 Birth: -
<tytso.root@...bda> {/tmp}, level 2  
512# uname -a
Linux lambda 3.11.0-rc2-00261-g316da4e #50 SMP Fri Jul 26 08:41:29 EDT 2013
x86_64 GNU/Linux
<tytso.root@...bda> {/tmp}, level 2  
513# 

I suspect you are using SELinux?  (You have a security problem.  So
you install SELinux; now you have 6+ megabytes worth of problems when
you try to decipher the SELinux policy definitions.  :-)

                                               - Ted

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists