| 1 |
Aho, |
| 2 |
|
| 3 |
On Friday, 2022-03-11 10:17:13 +0100, you wrote: |
| 4 |
|
| 5 |
> ... |
| 6 |
> I think Rainer's problem is the nosuid mount flag on his /tmp |
| 7 |
> |
| 8 |
> $ mount | grep \/tmp |
| 9 |
> tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime,size=3212160k,inode64) |
| 10 |
> |
| 11 |
> So if he would run the command against a file not located in /tmp I |
| 12 |
> think it would work, at least it does for me as it's only /tmp that has |
| 13 |
> nosuid. |
| 14 |
|
| 15 |
No. My "/tmp/" directory is not mounted at all, it is just a genuine |
| 16 |
directory in "/". And that root CAN overwrite a file it doesn't own in |
| 17 |
other directories, is due to most directories not having the sticky bit |
| 18 |
set (which is a (wanted) particularity of "/tmp/" and "/var/tmp/", in |
| 19 |
that it prevents normal users from (re)moving other people's files): |
| 20 |
|
| 21 |
$ ls -ld / /tmp /var/tmp |
| 22 |
drwxr-xr-x 21 root root 4096 2021-01-25 12:17 / |
| 23 |
drwxrwxrwt 10 root root 69632 2022-03-11 12:16 /tmp |
| 24 |
drwxrwxrwt 3 root root 4096 2022-03-10 10:23 /var/tmp |
| 25 |
$ |
| 26 |
^ |
| 27 |
This "t" indicates a set sticky bit. |
| 28 |
|
| 29 |
Sincerely, |
| 30 |
Rainer |
Archives