lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <bug-60676-13602-4tfhYrgx4e@https.bugzilla.kernel.org/> Date: Thu, 01 Aug 2013 15:55:00 +0000 From: bugzilla-daemon@...zilla.kernel.org To: linux-ext4@...r.kernel.org Subject: [Bug 60676] Stat system call gives permission denied to root for links under a sticky bit https://bugzilla.kernel.org/show_bug.cgi?id=60676 --- Comment #1 from Theodore Tso <tytso@....edu> --- On Thu, Aug 01, 2013 at 03:02:36PM +0000, bugzilla-daemon@...zilla.kernel.org wrote: > > If a directory has a sticky bit set, root cannot use anything that makes the > stat system call on any of the links there. > > Example: > > $ ls -ld /tmp/ > > drwxrwxrwt 17 root root 4825088 Aug 1 10:50 /tmp/ > > $ mkdir /tmp/testdir > > $ touch /tmp/testdir/testfile > > $ ln -s /tmp/testdir/ /tmp/testlink > > $ ls /tmp/testlink/ > > testfile > > $ su > > # ls /tmp/testlink > ls: cannot access /tmp/testlink: Permission denied > > # ls /tmp/testdir > > testfile Works for me: <tytso.root@...bda> {/tmp}, level 2 509# ls -aldg /tmp 0 drwxrwxrwt 18 root 1840 Aug 1 11:10 /tmp/ <tytso.root@...bda> {/tmp}, level 2 510# stat /tmp/testdir File: tmp/testdir' Size: 60 Blocks: 0 IO Block: 4096 directory Device: 12h/18d Inode: 3290419 Links: 2 Access: (0700/drwx------) Uid: (15806/ tytso) Gid: (15806/ tytso) Access: 2013-08-01 11:10:01.141462969 -0400 Modify: 2013-08-01 11:09:53.301463057 -0400 Change: 2013-08-01 11:10:51.261462406 -0400 Birth: - <tytso.root@...bda> {/tmp}, level 2 511# stat /tmp/testfile File: tmp/testfile' -> stdir/testfile' Size: 16 Blocks: 0 IO Block: 4096 symbolic link Device: 12h/18d Inode: 3288475 Links: 1 Access: (0777/lrwxrwxrwx) Uid: (15806/ tytso) Gid: (15806/ tytso) Access: 2013-08-01 11:10:04.701462929 -0400 Modify: 2013-08-01 11:10:03.691462941 -0400 Change: 2013-08-01 11:10:03.691462941 -0400 Birth: - <tytso.root@...bda> {/tmp}, level 2 512# uname -a Linux lambda 3.11.0-rc2-00261-g316da4e #50 SMP Fri Jul 26 08:41:29 EDT 2013 x86_64 GNU/Linux <tytso.root@...bda> {/tmp}, level 2 513# I suspect you are using SELinux? (You have a security problem. So you install SELinux; now you have 6+ megabytes worth of problems when you try to decipher the SELinux policy definitions. :-) - Ted -- You are receiving this mail because: You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists