Re: Where to report: root fails to edit other users file in sticky bit directory

To: debian-user@lists.debian.org
Subject: Re: Where to report: root fails to edit other users file in sticky bit directory
From: MichaIng <micha@dietpi.com>
Date: Tue, 8 Dec 2020 15:57:17 +0100
Message-id: <[🔎] 4328be31-d3f5-8048-e371-9ced48598bfb@dietpi.com>
In-reply-to: <[🔎] 6c81b4e5-3474-1ac3-8382-9c97f4c158e1@dietpi.com>
References: <[🔎] 6c81b4e5-3474-1ac3-8382-9c97f4c158e1@dietpi.com>

Sorry for the late reply guys, I was not subscribed to the list, justgot the address from the bug report instructions in case the relatedpackage could not be identified, and thought I get an answer directly tomy mailbox xD: https://www.debian.org/Bugs/Reporting.en.html


Back to topic.

I totally forgot to make clear that it is an issue on Debian Bullseyeonly. On Buster this would have been recognised much earlier ;).


@Tomas:
-------
root@VM-Bullseye:/tmp# id
uid=0(root) gid=0(root) groups=0(root)
root@VM-Bullseye:/tmp# >> testfile
-bash: testfile: Permission denied
root@VM-Bullseye:/tmp# dash -c '>> testfile'
dash: 1: cannot create testfile: Permission denied

-------

As said, the issue was first recognised during a Python module install,so in a totally different environment. My shell is bash as well, but Ican reproduce the issue with any shell or any other language to write toa file in sticky bit directories.


@Greg
-------
root@VM-Bullseye:/tmp# id
uid=0(root) gid=0(root) groups=0(root)
root@VM-Bullseye:~# cd /tmp
root@VM-Bullseye:/tmp# df -T
Filesystem     Type     1K-blocks   Used Available Use% Mounted on
udev           devtmpfs   1016164      0   1016164   0% /dev
/dev/sda1      ext4       8189368 584548   7169108   8% /
tmpfs          tmpfs      1018568      0   1018568   0% /dev/shm
tmpfs          tmpfs       407428   5504    401924   2% /run
tmpfs          tmpfs         5120      0      5120   0% /run/lock
tmpfs          tmpfs         4096      0      4096   0% /sys/fs/cgroup
tmpfs          tmpfs      1018880  37432    981448   4% /tmp
tmpfs          tmpfs        51200      8     51192   1% /var/log
root@VM-Bullseye:/tmp# cd /root
root@VM-Bullseye:~# mkdir testdir
root@VM-Bullseye:~# chmod 1777 testdir
root@VM-Bullseye:~# > testdir/testfile
root@VM-Bullseye:~# chown www-data testdir/testfile
root@VM-Bullseye:~# > testdir/testfile
-bash: testdir/testfile: Permission denied
-------

The issue is not related to the file system and not related to thekernel version. As said I tested in on RPi with their current stableLinux 5.4 (now with a second recent update) and on Bullseye with now aswell two kernel versions. But to be sure, I'll downgrade the kernel to aprevious major version, probably from Buster backports, just to be sure.

This is a bug clearly, I'm just not sure, if kernel and file system andshell/environment does not play a role, which part of the OS does, i.e.is sitting between userland programs and kernel/fs driver to verify UNIXpermissions.


Best regards,

Micha

Reply to:

Follow-Ups:
- Re: Where to report: root fails to edit other users file in sticky bit directory
  - From: Greg Wooledge <wooledg@eeg.ccf.org>
- Re: Where to report: root fails to edit other users file in sticky bit directory
  - From: <tomas@tuxteam.de>
- Re: Where to report: root fails to edit other users file in sticky bit directory
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

References:
- Where to report: root fails to edit other users file in sticky bit directory
  - From: MichaIng <micha@dietpi.com>

Prev by Date: Re: caja-admin not working in Bullseye Mate
Next by Date: Re: Where to report: root fails to edit other users file in sticky bit directory
Previous by thread: Re: Where to report: root fails to edit other users file in sticky bit directory
Next by thread: Re: Where to report: root fails to edit other users file in sticky bit directory
Index(es):
- Date
- Thread