
Re: Kernel 3.14.x bug? rm, mv root-owned files



Chris Bannister <cbannister@slingshot.co.nz> writes:

> On Fri, Jun 06, 2014 at 04:45:37PM +0200, Filip wrote:
>> 
>> Removing a directory entries no relation whatsoever to the permissions
>> of the file.
>
> Parse error! Does not compute! :)
>
> -- 
> "If you're not careful, the newspapers will have you hating the people
> who are being oppressed, and loving the people who are doing the 
> oppressing." --- Malcolm X

What I meant to say was: The permissions on the file have no bearing on
whether or not you can unlink its directory entry.

But really, it's a white lie ;-)

Because it's possible to set the 'immutable' attribute ('chattr +i') on
the file, which will prevent anyone from linking or unlinking the file,
and also prevents all write operations. But that is not really part of
the regular permission system, but more of a file system feature. And
it's not something to be casually used by end-users, because a regular
user can't change the attribute.

Let's create a file and set the +i attribute:

$ touch imm
$ chattr +i imm
chattr: Operation not permitted while setting flags on imm
$ ls -l imm
-rw-r--r-- 1 filip filip 0 Jun  9 10:37 imm
$ sudo chattr +i imm
$ lsattr imm
----i--------e-- imm

Permissions on the file and on the containing directory look quite
ordinary:

$ ls -ld .
drwxr-xr-x 2 filip filip 4096 Jun  9 09:57 .
$ ls -ld imm
-rw-r--r-- 1 filip filip 0 Jun  9 09:47 imm

Now let's try some operations:

$ echo test >imm
bash: imm: Permission denied
$ mv imm newname
mv: cannot move ‘imm’ to ‘newname’: Operation not permitted
$ rm imm
rm: remove write-protected regular empty file ‘imm’? y
rm: cannot remove ‘imm’: Operation not permitted
$ ln imm newlink
ln: failed to create hard link ‘newlink’ => ‘imm’: Operation not permitted

We are not allowed to do very much with it.

Well, at least reading works:

$ cat imm
$ 

It's an empty file, so the content is not very exciting, but try it
yourself with a file that contains data if you don't believe me ;-)

Now remove the attribute:

$ chattr -i imm
chattr: Operation not permitted while setting flags on imm
$ sudo chattr -i imm
$ lsattr imm
-------------e-- imm

And now we can remove the file:

$ rm imm
$ ls imm
ls: cannot access imm: No such file or directory
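Added example (not part of Filip's message): a POSIX shell script that demonstrates the point made above, that a file's own mode bits do not decide whether its directory entry can be unlinked, while the write bit on the containing directory does. It needs no root and does not use the immutable attribute; it assumes `mktemp -d` is available.

```shell
#!/bin/sh
# Added example, not from the original post.
# Unlinking removes a name from a directory, so it is the directory's
# permissions that are checked, not the file's. Root (CAP_DAC_OVERRIDE)
# bypasses that check, which is why the post resorts to chattr +i.

# File with mode 000 inside a directory we own and can write to.
# Prints "removed" if rm succeeds, "blocked" otherwise.
unlink_mode_000_file() {
    d=$(mktemp -d) || return 1
    : > "$d/f"
    chmod 000 "$d/f"            # no read, write or execute bits at all
    if rm -f "$d/f" 2>/dev/null && [ ! -e "$d/f" ]; then
        r=removed               # expected: the file's mode is irrelevant
    else
        r=blocked
    fi
    chmod -R u+rwx "$d" 2>/dev/null; rm -rf "$d"
    printf '%s\n' "$r"
}

# World-writable file inside a directory without the write bit.
# Prints "removed" or "blocked".
unlink_in_readonly_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/f"
    chmod 666 "$d/f"            # the file itself is fully writable
    chmod 555 "$d"              # but the directory cannot be modified
    if rm -f "$d/f" 2>/dev/null && [ ! -e "$d/f" ]; then
        r=removed               # only root gets here
    else
        r=blocked               # expected for an unprivileged user
    fi
    chmod u+w "$d"; rm -rf "$d"
    printf '%s\n' "$r"
}

printf 'mode 000 file in writable dir:  %s\n' "$(unlink_mode_000_file)"
printf 'mode 666 file in read-only dir: %s\n' "$(unlink_in_readonly_dir)"
```

Run it as a normal user to see "removed" followed by "blocked"; as root both report "removed", which is the gap the immutable attribute closes.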
