
Bug#280632: marked as done (libc6: Ordinary user can delete files owned by other user, root files too.)



Your message dated Wed, 10 Nov 2004 18:08:36 +0100
with message-id <20041110170836.GJ21711@mails.so.argh.org>
and subject line Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
From: Michal Zimen <michal@zimen.sk>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libc6: Ordinary user can delete files owned by other user, root files too.
X-Mailer: reportbug 3.2
Date: Wed, 10 Nov 2004 17:30:13 +0100

Package: libc6
Version: 2.3.2.ds1-18
Severity: critical
Justification: breaks the whole system


  A normal user can delete files which are not owned by him.

  try:
  x@y$ cd ~
  x@y$ su
  x@y# touch XXX
  x@y# chmod 700 XXX
  x@y# exit
  x@y$ rm -f XXX
  :) that file is deleted !!!

  I tried this problem on other kernels (2.6.8.1, 2.4.26) with the same
  result. (file was deleted)
  I am sure that the permissions are good, so that should not be deleted.

  But it is strange that not every file can be deleted.
  
  for example: at /, /bin ..it is not possible, 
  but at: /usr/bin/, ~/,  /tmp  it is really possible.



                        mizu


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-rc1-mm3-mizu
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)

Versions of packages libc6 depends on:
ii  libdb1-compat                 2.1.3-7    The Berkeley database routines [gl

-- no debconf information

---------------------------------------
Date: Wed, 10 Nov 2004 18:08:36 +0100
From: Andreas Barth <aba@not.so.argh.org>
To: Michal Zimen <michal@zimen.sk>, 280632-done@bugs.debian.org
Subject: Re: Bug#280632: libc6: Ordinary user can delete files owned by other user, root files too.
Message-ID: <20041110170836.GJ21711@mails.so.argh.org>

* Michal Zimen (michal@zimen.sk) [041110 17:45]:
>   A normal user can delete files which are not owned by him.

This is part of the defined Unix behaviour. Whether you can delete a file
depends on the directory. If the user can write to the directory, he can
delete the file (with the exception that if the directory is sticky, he
also needs to own the file - but that's a later extension).

>   but at: /usr/bin/, ~/,  /tmp  it is really possible.

I doubt that it works in /tmp on a regular Debian system, also that it
works in /usr/bin, and in ~ by someone other than the user whose home
directory it is. If it does on your system, please show ls -ld of the
directory.


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C
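
The rule described in the reply above, as an added example that is not part of the original messages: a Python model of the mode-bit check that is applied to the parent directory when a file is unlinked. The name may_unlink, the uid offset and the temporary directory are assumptions made for illustration; the sticky-bit branch also admits the directory's owner, which is how Linux implements it.

```python
import os
import stat
import tempfile


def may_unlink(path, uid, gids=()):
    """Would unlink(path) pass the classic Unix permission check for uid?

    Only mode bits and ownership are modelled; ACLs, capabilities,
    immutable flags and security modules are not.
    """
    parent = os.path.dirname(os.path.abspath(path))
    d = os.stat(parent)   # the directory decides
    f = os.lstat(path)    # consulted only for the sticky-bit rule
    if uid == 0:
        return True, "root bypasses the mode-bit check"
    # Select the permission class that applies to uid on the directory.
    if uid == d.st_uid:
        bits = (d.st_mode >> 6) & 7
    elif d.st_gid in gids:
        bits = (d.st_mode >> 3) & 7
    else:
        bits = d.st_mode & 7
    # Removing an entry needs write (2) and search (1) on the directory.
    if (bits & 3) != 3:
        return False, "no write+search permission on " + parent
    # Sticky directory: Linux additionally requires the caller to own
    # the file or the directory itself.
    if d.st_mode & stat.S_ISVTX and uid not in (f.st_uid, d.st_uid):
        return False, "sticky directory, uid owns neither file nor directory"
    return True, "directory is writable; the file's own mode is not consulted"


if __name__ == "__main__":
    # Constructed scenario: a mode-700 file in directories of various modes.
    base = tempfile.mkdtemp()
    target = os.path.join(base, "XXX")
    open(target, "w").close()
    os.chmod(target, 0o700)
    other = os.getuid() + 1000      # hypothetical second user
    for mode in (0o755, 0o777, 0o1777):
        os.chmod(base, mode)
        print(oct(mode), may_unlink(target, other))
    os.chmod(base, 0o700)
```

Running the same function over the output of `ls -ld` candidates such as a home directory or /tmp shows which of them let a given uid remove entries it does not own.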


