[RndTbl] creat() fails on non-root owned file when stickybit set on dir (tcsh) (new kernel bug?)
Trevor Cordes
trevor at tecnopolis.ca
Fri Jan 3 02:38:59 CST 2020
On 2020-01-02 Gilbert E. Detilllieux wrote:
> See also...
>
> https://www.spinics.net/lists/fedora-devel/msg252452.html
>
> Thanks, Trevor, for bringing this to our attention. I was not even
> aware of these new sysctl settings and kernel features. I can see
> why they'd be desirable from a security perspective, but it does
> break compatibility, possibly for some legitimate but obscure use
> cases.
Thanks for the links. I see where they are coming from, but it's a
bludgeon to try to fix the forever-bugs of thoughtless tmp file/dir
usage by programmers, which I don't think is as prevalent today as it
used to be.
Systemd already "solved" it for daemons by shadow-masking safe/unique
dirs for /tmp usage (ugh, hate that too!).
I guess these new sysctls are trying to solve it for the rest of the
programs out there. When really each program should be using well
established tmpdir routines available in every single language that
solved these problems eons ago.
I see the point, but it irks me they have to do this at all instead of
getting programmers who get their code put into distros to just do it
the right way.
fs.protected_regular = 0 on all my boxes now! Well, I guess until
someone smartens up tcsh like they did bash so I can still use >!
;-)
More information about the Roundtable
mailing list