[RndTbl] creat() fails on non-root owned file when stickybit set on dir (tcsh) (new kernel bug?)

Trevor Cordes trevor at tecnopolis.ca
Mon Dec 30 23:57:37 CST 2019


After much kernel bisecting by me that yielded nothing of value, it
turns out the bug isn't the kernel, it's a change in Fedora's default
sysctl.conf settings between F29 and F30 that enable a new-ish kernel
"feature".  The "feature" turns on this behavior.

Thanks to Andrew Morton and especially Al Viro for figuring this out
for me as I'm pretty sure a sysctl of some obscure feature would have
been the last place I would have looked!

The solution is:
echo 0 >> /proc/sys/fs/protected_regular

The new feature is (and it may be systemd deciding this):

* The fs.protected_regular and fs.protected_fifos sysctls, which were
  added in Linux 4.19 to make some data spoofing attacks harder, are
  now enabled by default. While this will hopefully improve the
  security of most installations, it is technically a backwards
  incompatible change; to disable these sysctls again, place the
  following lines in /etc/sysctl.d/60-protected.conf or a similar file:
    fs.protected_regular = 0
    fs.protected_fifos = 0

The bz is:
https://bugzilla.kernel.org/show_bug.cgi?id=205727
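The following Python is an added example, not part of the message above or of the kernel sources. It models, from my reading of may_create_in_sticky() in fs/namei.c, the decision the kernel takes under fs.protected_regular / fs.protected_fifos: an O_CREAT open (which is what a shell `>` redirect or creat() performs) of an existing regular file or FIFO is refused with EACCES when the parent directory is sticky and world-writable (or group-writable at level 2) and the file is owned by neither the opener nor the directory owner. The helper names (sticky_create_denied, check_path, _read_sysctl) are my own; the model covers only regular files and FIFOs, and the optional check_path() reads the live sysctl values from /proc/sys/fs to explain a failing redirect on the host it runs on.

```python
import os
import stat

# Sysctl levels per Documentation/admin-guide/sysctl/fs.rst:
#   0 = off, 1 = world-writable sticky dirs, 2 = also group-writable sticky dirs.


def sticky_create_denied(protected_regular, protected_fifos,
                         dir_mode, dir_uid, file_mode, file_uid, fsuid):
    """Return True when an O_CREAT open of an *existing* file would get EACCES.

    This is a model of the kernel's may_create_in_sticky() check, written from
    memory of fs/namei.c; it is not the kernel's code. Only regular files and
    FIFOs are considered, which is what the two sysctls cover.
    """
    is_reg = stat.S_ISREG(file_mode)
    is_fifo = stat.S_ISFIFO(file_mode)
    if not (is_reg or is_fifo):
        return False
    # Each file type is governed by its own sysctl; 0 means no restriction.
    if is_reg and not protected_regular:
        return False
    if is_fifo and not protected_fifos:
        return False
    # Only sticky directories (/tmp, /var/tmp, ...) are affected.
    if not (dir_mode & stat.S_ISVTX):
        return False
    # Files owned by the directory owner or by the opener are always allowed.
    # Note: root is NOT exempt, which is why a root shell's `> /tmp/userfile`
    # fails when that file belongs to another user.
    if file_uid == dir_uid or file_uid == fsuid:
        return False
    # Level 1: world-writable sticky directory is enough to deny.
    if dir_mode & stat.S_IWOTH:
        return True
    # Level 2: group-writable sticky directory is also denied.
    if dir_mode & stat.S_IWGRP:
        if is_reg and protected_regular >= 2:
            return True
        if is_fifo and protected_fifos >= 2:
            return True
    return False


def _read_sysctl(name):
    """Read an integer from /proc/sys/fs/<name>; None if unavailable."""
    try:
        with open("/proc/sys/fs/" + name) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def check_path(path, fsuid=None):
    """Report whether an O_CREAT open of an existing `path` would be refused
    under the host's current sysctl values. Returns None when /proc/sys/fs is
    not available (non-Linux, or a kernel without these sysctls)."""
    regular = _read_sysctl("protected_regular")
    fifos = _read_sysctl("protected_fifos")
    if regular is None or fifos is None:
        return None
    if fsuid is None:
        fsuid = os.geteuid()
    st = os.stat(path)
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    return sticky_create_denied(regular, fifos, parent.st_mode, parent.st_uid,
                                st.st_mode, st.st_uid, fsuid)


if __name__ == "__main__":
    import sys
    # Constructed scenario matching the original report: root redirecting into
    # a file in /tmp (mode 1777, owned by root) that belongs to uid 1000.
    print("root > /tmp/userfile denied:",
          sticky_create_denied(1, 1, 0o1777, 0, 0o100644, 1000, 0))
    for p in sys.argv[1:]:
        print(p, "would be refused:", check_path(p))
```

Run it with a path as argument to see whether the host's fs.protected_regular would refuse a redirect into that file; the built-in scenario reproduces the situation in the report, where the opener being root does not help because exemption is by file ownership, not by privilege.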

