>-----Original Message-----
>From: Dr Rainer Woitok <rainer.woitok@×××××.com>
>Sent: Thursday, March 10, 2022 9:51 AM
>To: gentoo-user@l.g.o; Nikos Chantziaras <realnc@×××××.com>
>Subject: [gentoo-user] Re: Root can't write to files owned by others?
>
>Nikos,
>
>On Thursday, 2022-03-10 12:21:36 +0200, you wrote:
>
>> ...
>> Are you sure that:
>>
>> sysctl fs.protected_regular=0
>>
>> does not help? I can reproduce it here on my system with kernel
>> 5.15.27, and setting that sysctl to 0 fixes it immediately.
>
>No, I'm not at all sure. Since you mentioned in your first mail that
>this is normal when using "systemd", I did not pursue this route any further, because I'm using "openrc".
>
>I'll search the web for "fs.protected_regular" to get a feeling for the consequences and then perhaps set this when I'll again boot kernel version 5.15.26.
>
>Thanks for being persistent :-)
>
>Sincerely,
> Rainer
>
|
Basically the idea is to keep other users from being able to trick root into writing sensitive data to something they control.
It's a "systemd thing" because, apparently, the systemd developers decided to have systemd enable it instead of leaving it in the bailiwick of the distros' configurations.
But if the default setting changed in a later kernel as well, that would potentially affect everyone, so a quick check of what it's set to wouldn't be amiss.

LMP