Aho,

On Friday, 2022-03-11 10:17:13 +0100, you wrote:

> ...
> I think Rainer's problem is the nosuid mount flag on his /tmp
>
> $ mount | grep \/tmp
> tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime,size=3212160k,inode64)
>
> So if he would run the command against a file not located in /tmp I
> think it would work, at least it does for me as it's only /tmp that has
> nosuid.

No. My "/tmp/" directory is not mounted at all, it is just a genuine
directory in "/". And that root CAN overwrite a file it doesn't own in
other directories, is due to most directories not having the sticky bit
set (which is a (wanted) particularity of "/tmp/" and "/var/tmp/", in
that it prevents normal users from (re)moving other people's files):

$ ls -ld / /tmp /var/tmp
drwxr-xr-x 21 root root 4096 2021-01-25 12:17 /
drwxrwxrwt 10 root root 69632 2022-03-11 12:16 /tmp
drwxrwxrwt 3 root root 4096 2022-03-10 10:23 /var/tmp
$
         ^
This "t" indicates a set sticky bit.

Sincerely,
Rainer
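
A small shell check for the two properties this exchange turns on, the nosuid mount option and the sticky bit, added here as an example and not part of the original mail. The function names and the "/dev/sda1" root entry in the sample are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the mail. All function names are hypothetical.

# classify_mode MODE: read "others" write and sticky from an `ls -ld` mode string.
classify_mode() {
    other_w=$(printf '%s' "$1" | cut -c9)    # 'w' when others may write
    last=$(printf '%s' "$1" | cut -c10)      # 't' or 'T' when the sticky bit is set
    case "$last" in t|T) sticky=sticky ;; *) sticky=not-sticky ;; esac
    if [ "$other_w" = w ]; then echo "world-writable,$sticky"
    else echo "restricted,$sticky"; fi
}

# dir_mode DIR: the 10-character mode string of DIR itself.
dir_mode() { ls -ld -- "$1" | cut -c1-10; }

# mount_opts PATH [MOUNTS]: options of the longest mount point containing PATH.
# MOUNTS is in /proc/mounts format ("-" = stdin); octal escapes are not decoded.
mount_opts() {
    awk -v p="$1" '
        { mp = $2
          if (mp == "/" || p == mp || index(p, mp "/") == 1)
              if (length(mp) >= best) { best = length(mp); opts = $4 } }
        END { print opts }' "${2:-/proc/self/mounts}"
}

# has_nosuid PATH [MOUNTS]: succeed when PATH's filesystem is mounted nosuid.
has_nosuid() {
    case ",$(mount_opts "$@")," in *,nosuid,*) return 0 ;; *) return 1 ;; esac
}

# Constructed sample: the /tmp line mirrors the quoted mount output; "/" is made up.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noatime,size=3212160k,inode64 0 0'

# Report on the directories from the mail as they are on this host.
for d in / /tmp /var/tmp; do
    [ -d "$d" ] || continue
    n=no
    if [ -r /proc/self/mounts ] && has_nosuid "$d"; then n=yes; fi
    printf '%-9s %s nosuid=%s\n' "$d" "$(classify_mode "$(dir_mode "$d")")" "$n"
done
```

Pass "-" as the second argument to feed a saved mount table on stdin, for example `printf '%s\n' "$SAMPLE_MOUNTS" | has_nosuid /tmp/file -`.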