Bug#295146: kernel: can delete root directories

To: Rehm <jagginess@yahoo.ca>, 295146@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#295146: kernel: can delete root directories
From: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Date: Mon, 14 Feb 2005 00:02:20 +0000
Message-id: <[🔎] 20050214000220.GF8859@parcelfarce.linux.theplanet.co.uk>
Reply-to: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>, 295146@bugs.debian.org
In-reply-to: <[🔎] E1D0TCT-0007KQ-00@master.debian.org>
References: <[🔎] E1D0TCT-0007KQ-00@master.debian.org>

On Sun, Feb 13, 2005 at 06:31:09PM -0500, Rehm wrote:
> Package: kernel
> Severity: critical
> Justification: root security hole
> 
> Extremely insecure. Apparently after having been able to do mounting
> on a diskimage disk1.img (sued to root under lightweight wm in X- xterm box) on a directory called ./1,
> drwxr-xr-x  2 root  root     4096 2005-02-13 18:22 1
> $
> ->as a normal user, (and my groups command shows no respect of being
> member of root), I am able to delete directory 1, or shouldn't I? Either
> I'm very dumb, or something is terribly wrong..Any other further details I can provide and test- I wouldn't
> mind..Thanks for the feedback..

a) do you actually have something mounted on that directory at the time?
b) strace of rmdir, please

Reply to:

Follow-Ups:
- Bug#295146: kernel: can delete root directories
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- Bug#295146: kernel: can delete root directories
  - From: Rehm <jagginess@yahoo.ca>

Prev by Date: Bug#295146: kernel: can delete root directories
Next by Date: Re: Debian Kernel Patch Script
Previous by thread: Bug#295146: kernel: can delete root directories
Next by thread: Bug#295146: kernel: can delete root directories
Index(es):
- Date
- Thread