[arch-general] Opening symlinks in tmpfs as root fails!

Christian Hesse list at eworm.de
Tue Dec 30 12:42:03 UTC 2014


Mohammad_AlSaleh <ce.mohammad.alsaleh at gmail.com> on Tue, 2014/12/30 14:36:
> Hello.
> 
> I just came across some weird behavior.
> 
> A small testcase:
> 
> cd /tmp # should be tmpfs
> touch tfile
> ln -s tfile tlink
> cat tlink
> 
> When cat executes, it returns with success(0). But, if cat is executed
> as root, it fails with a permission denied error.
> 
> What's really happening is, the open() syscall fails with EACCESS when
> the file is a symlink in a tmpfs-mounted dir. But only fails when run
> as root!
> 
> I'm assuming this is a bug. Can anyone confirm it?

This is expected as /tmp has the sticky bit set.

https://wiki.ubuntu.com/Security/Features#Symlink_restrictions
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Chris           get my mail address:    */=0;b=c[a++];)
putchar(b-1/(/*               gcc -o sig sig.c && ./sig    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20141230/a07c1a1e/attachment.bin>


More information about the arch-general mailing list