On Mon, 30 Jan 2017 11:29:02 -0500
Michael Orlitzky <mjo@g.o> wrote:

> On 01/30/2017 09:25 AM, Alan McKinnon wrote:
> >>
> >> Any user can create a hard link in its home directory
> >> to /etc/shadow, so long as (a) they live on the same filesystem,
> >> and (b) there are no special kernel protections in place to
> >> prevent it. If you call chown on that hard link, it will change
> >> the ownership of /etc/shadow.
> >
> > That is absolutely not true, at least for the case of classic Unix
> > filesystems.
> >
> > ...
> >
> > I cannot chmod, chown or chgrp
> > /etc/shadow because I do not own it, and the kernel will not let me
> > ln it either:
> >
> > alan@khamul /alan $ ln /etc/shadow
> > ln: failed to create hard link './shadow' => '/etc/shadow':
> > Operation not permitted
> >
>
> You have the fs.protected_hardlinks sysctl enabled. We patch that in
> gentoo-sources, but it's off by default in vanilla-sources. Try again
> with it disabled (and don't forget to turn it back on). Once the hard
> link has been created, a "chown -R foo /alan" or the equivalent "find
> ..." command will change the ownership of /etc/shadow.
>
>

No, that is also enabled by default on vanilla kernels, I just verified
on my machine running a vanilla kernel. It doesn't matter anyway, since
the permissions and ownership information is stored in the inode, not
the dentry, so all hardlinks have exactly the same permissions.
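An added example, not from any message in this thread: a pre-flight check an administrator can run before a recursive chown on a user-writable tree. It rests on the two points made above (ownership lives in the inode, and fs.protected_hardlinks decides whether a user may link to files they do not own). The function names are my own, and the check reads the sysctl from /proc rather than via the sysctl tool.

```shell
# Pre-flight checks before "chown -R" on a tree that users can write to.
# Assumes a Linux /proc; the helper names are hypothetical.

# Report fs.protected_hardlinks: "1" (enabled), "0" (disabled) or "unknown".
protected_hardlinks_status() {
    if [ -r /proc/sys/fs/protected_hardlinks ]; then
        cat /proc/sys/fs/protected_hardlinks
    else
        echo unknown
    fi
}

# Inode number of a path ("ls -di" prints "<inode> <name>"; paths with
# whitespace are not handled, which is fine for a check script).
inode_of() {
    set -- $(ls -di "$1")
    echo "$1"
}

# Regular files under $1 whose link count is above 1, i.e. names that share
# an inode with another name, possibly outside $1. Because ownership is a
# property of the inode, chown on such a name changes the owner of every
# name that points at it.
find_multilinked() {
    find "$1" -type f -links +1
}

# chown -R that refuses to run while any multi-linked file is present.
# Returns 0 on success, 2 if it refused (the offending paths go to stderr).
safe_chown_r() {
    owner=$1
    dir=$2
    hits=$(find_multilinked "$dir")
    if [ -n "$hits" ]; then
        echo "refusing: multi-linked files under $dir:" >&2
        echo "$hits" >&2
        return 2
    fi
    chown -R "$owner" "$dir"
}
```

Run `protected_hardlinks_status` first: with the sysctl at 1, unprivileged users cannot create the links in the first place, but the link-count check still catches links that already exist or were made by privileged tooling.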