On Fri, Mar 11, 2022 at 7:59 AM Neil Bothwick <neil@××××××××××.uk> wrote:
>
> On Fri, 11 Mar 2022 12:38:48 +0100, Dr Rainer Woitok wrote:
>
> > No. My "/tmp/" directory is not mounted at all, it is just a genuine
> > directory in "/". And that root CAN overwrite a file it doesn't own in
> > other directories, is due to most directories not having the sticky bit
> > set (which is a (wanted) particularity of "/tmp/" and "/var/tmp/", in
> > that it prevents normal users from (re)moving other people's files):
>
> It's not the sticky bit per se from what I've read, but the new default
> prevents root from overwriting a file if the file and the directory
> containing it have different owners. In most cases, the file has the same
> directory as the owner so this does not happen, but the sticky bit allows
> users that don't own the directory to create files in it.
>
>
> --
> Neil Bothwick
>
> Assassins do it from behind.

Is this related to the 'dirty pipe' vulnerability that has been in the
news of late and has gotten patched in most distros in the last few
days?

- Mark
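
Added example, not written by anyone in this thread: a Python model of the ownership rule discussed above, assuming the "new default" is the kernel's `fs.protected_regular` sysctl as described in the kernel sysctl documentation. The function names are hypothetical; the model covers regular files only and predicts when an `open()` with `O_CREAT` on an existing file is refused, root included.

```python
import os
import stat
import sys

SYSCTL = "/proc/sys/fs/protected_regular"  # 0 = off, 1 or 2 = on

def creat_open_refused(level, dir_mode, dir_uid, file_mode, file_uid, fsuid):
    """True if open(O_CREAT) on an existing file would fail with EACCES.

    Models the documented rule only; being root (fsuid 0) grants no exemption.
    """
    if level == 0 or not stat.S_ISREG(file_mode):
        return False  # protection disabled, or not a regular file
    if not dir_mode & stat.S_ISVTX:
        return False  # only sticky directories are covered
    if file_uid in (dir_uid, fsuid):
        return False  # file owned by the directory owner or by the caller
    if dir_mode & stat.S_IWOTH:
        return True   # world-writable sticky directory such as /tmp
    # Level 2 extends the rule to group-writable sticky directories.
    return level >= 2 and bool(dir_mode & stat.S_IWGRP)

def read_level(path=SYSCTL):
    """Current sysctl value; 0 if the kernel does not expose it (assumption)."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return 0

def check_path(path, fsuid=None, level=None):
    """Apply the model to a real file and its parent directory."""
    st = os.stat(path)
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    return creat_open_refused(
        read_level() if level is None else level,
        parent.st_mode, parent.st_uid, st.st_mode, st.st_uid,
        os.geteuid() if fsuid is None else fsuid,
    )

if __name__ == "__main__":
    for p in sys.argv[1:]:
        print(p, "EACCES expected" if check_path(p) else "not blocked by this rule")
```

Run it with one or more file paths as arguments to see whether the current sysctl setting would explain a "Permission denied" for the invoking user.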