[arch-general] don't casually do things in /tmp directly (was: Strange issue)

Drake Wilson drake at dasyatidae.net
Tue Dec 9 19:25:08 UTC 2014


Neven Sajko wrote:
> I used makepkg to build a package from /tmp. The package was then put
> to the designated directory and a symlink to pwd. When I try to install
> it with pacman -U /tmp/symlink-to-package, I get an error (permission
> denied) which I don't get when invoking pacman -U directly with the
> name of the file (not with the symbolic link). See, like this:
> 
> [root at lnv64 tmp]# pacman -U /tmp/lomoco-1.0-9-x86_64.pkg.tar
> loading packages...
> error: '/tmp/lomoco-1.0-9-x86_64.pkg.tar': permission denied
[...]
> So from this line:
> access("/tmp/lomoco-1.0-9-x86_64.pkg.tar", R_OK) = -1 EACCES (Permission denied)
> we see that the kernel call access() reports that root doesn't have
> read access to a 777-permissible file?!
> Maybe it matters that it's on tmpfs and/or a symlink?

This is probably due to the fs.protected_symlinks sysctl being turned on,
which I believe it is by default in Arch.  Most symlinks in world-writable
sticky directories (like /tmp) are not followed except by processes running
as the user that created them.  This is to prevent common attacks where a
privileged process tries to access what it thinks is not a symlink, but
another process manages to insert a symlink to an unrelated file so that
the privileged process performs the wrong access.

It's not a good idea to build things directly in /tmp like that anyway, for
more or less that reason.  Creating a subdirectory of /tmp for each new
"action" that needs temporary files is a better approach.

   ---> Drake Wilson


More information about the arch-general mailing list