
Re: Where to report: root fails to edit other users file in sticky bit directory



On Tue, Dec 08, 2020 at 06:40:38PM +0100, tomas@tuxteam.de wrote:
> I lost track a bit about your other hypotheses, but this mode changing
> bit when O_CREAT is given somehow rings a bell.

I googled "linux o_creat sticky" and got this:

https://patchwork.kernel.org/project/kernel-hardening/patch/20180416175918.GA13494@beast/

  Disallows open of FIFOs or regular files not owned by the user in world
  writable sticky directories, unless the owner is the same as that of the
  directory or the file is opened without the O_CREAT flag. The purpose
  is to make data spoofing attacks harder. This protection can be turned
  on and off separately for FIFOs and regular files via sysctl, just like
  the symlinks/hardlinks protection. This patch is based on Openwall's
  "HARDEN_FIFO" feature by Solar Designer.

I don't know whether that's actually applied to the bullseye kernels,
but it's definitely something to look into.
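
The rule quoted above, modelled as an added example that is not part of the original post or of the kernel patch. The sysctl paths and the level-2 (group-writable) case are taken from the kernel's sysctl documentation rather than from the post, so the example covers more than the quoted description, and the effective uid stands in for the fsuid the kernel compares.

```python
import os
import stat

# Sysctl paths per the kernel's fs sysctl documentation (not named in the post).
SYSCTLS = {"fifo": "/proc/sys/fs/protected_fifos",
           "regular": "/proc/sys/fs/protected_regular"}


def read_level(kind):
    """Return the sysctl level for 'fifo' or 'regular'; None if unavailable."""
    try:
        with open(SYSCTLS[kind]) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None


def open_denied(dir_mode, dir_uid, file_mode, file_uid, opener_uid, flags, level):
    """Model of the rule: True if open() of an existing file would be refused."""
    if not flags & os.O_CREAT:
        return False                       # only O_CREAT opens are checked
    if not (stat.S_ISREG(file_mode) or stat.S_ISFIFO(file_mode)):
        return False                       # rule covers regular files and FIFOs
    if not level:
        return False                       # 0 (or unreadable): protection off
    if not dir_mode & stat.S_ISVTX:
        return False                       # parent directory is not sticky
    if file_uid in (dir_uid, opener_uid):
        return False                       # owned by the opener or the dir owner
    if dir_mode & stat.S_IWOTH:
        return True                        # world-writable sticky directory
    # Level 2 extends the check to group-writable sticky directories.
    return level >= 2 and bool(dir_mode & stat.S_IWGRP)


def check_path(path, flags, opener_uid=None):
    """Apply the model to an existing path using the running kernel's setting."""
    st = os.stat(path)
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    kind = "fifo" if stat.S_ISFIFO(st.st_mode) else "regular"
    uid = os.geteuid() if opener_uid is None else opener_uid
    return open_denied(parent.st_mode, parent.st_uid, st.st_mode, st.st_uid,
                       uid, flags, read_level(kind))


if __name__ == "__main__":
    # Constructed case matching the thread subject: root (uid 0) opens a file
    # owned by uid 1000 in a root-owned mode-1777 directory with O_CREAT.
    print(open_denied(stat.S_IFDIR | 0o1777, 0, stat.S_IFREG | 0o644, 1000, 0,
                      os.O_WRONLY | os.O_CREAT, 1))
```

On a real system, `check_path("/tmp/somefile", os.O_WRONLY | os.O_CREAT)` evaluates the same rule against the file's actual ownership and the current sysctl value; the path here is a placeholder.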

