[arch-general] Opening symlinks in tmpfs as root fails!
Christian Hesse
list at eworm.de
Tue Dec 30 13:02:32 UTC 2014
Christian Hesse <list at eworm.de> on Tue, 2014/12/30 13:42:
> Mohammad_AlSaleh <ce.mohammad.alsaleh at gmail.com> on Tue, 2014/12/30 14:36:
> > Hello.
> >
> > I just came across some weird behavior.
> >
> > A small testcase:
> >
> > cd /tmp # should be tmpfs
> > touch tfile
> > ln -s tfile tlink
> > cat tlink
> >
> > When cat executes, it returns with success(0). But, if cat is executed
> > as root, it fails with a permission denied error.
> >
> > What's really happening is, the open() syscall fails with EACCESS when
> > the file is a symlink in a tmpfs-mounted dir. But only fails when run
> > as root!
> >
> > I'm assuming this is a bug. Can anyone confirm it?
>
> This is expected as /tmp has the sticky bit set.
>
> https://wiki.ubuntu.com/Security/Features#Symlink_restrictions
As this was related to Ubuntu and pathes do not match... You can control the
behavior via proc filesystem:
/proc/sys/fs/protected_symlinks
Or simply use sysctl:
sysctl -w fs.protected_symlinks=0
If you want to make this permanent add the entry to configuration file
in /etc/sysctl.d/.
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];)
putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20141230/7554a543/attachment.bin>
More information about the arch-general
mailing list