Re: Bug#554893: startup script should be more careful with chown -R
The Fungi wrote:
On Sun, Nov 08, 2009 at 07:13:25PM +0300, Michael Tokarev wrote:
And as others in #debian pointed out the overlooked obvious, `chown -R'
follows symlinks. So it's sufficient to put a symlink to /etc/passwd into
/var/lib/nsd3 to get the system 0wned.
Not to downplay the original bug (removed from Cc), but have you
tested the above claim? This didn't match my recollection, so I
checked and found (at least using the one from coreutils under sid)
that chown doesn't follow either symlinks in the tree or even
specified as a parameter...
A good one. It appears that I quite something changed since I last looked
at this. No, I didn't test it because I remember it's how things worked
before. But that was long before.... ;)
As of coreutils-6.0, coreutils supports *at syscalls (incl. fchownat),
and always specifying AT_SYMLINK_NOFOLLOW. My system eve had strace that
does not understand these!.. ;)
See the NEWS file in coreutils package. In particular, this:
* Major changes in release 5.3.0 (2005-01-08) [unstable]
** Bug fixes
Several fixes to chgrp and chown for compatibility with POSIX and BSD:
Do not affect symbolic links by default.
Now, operate on whatever a symbolic link points to, instead.
To get the old behavior, use --no-dereference (-h).
So yes you're right, now it does not work like that.
Thank you for further clarification!