LKML Archive on lore.kernel.org help / color / mirror / Atom feed
* file attributes (ext2/3) in 2.4.26 @ 2004-05-17 18:51 Herbert Poetzl 2004-05-20 21:59 ` Marcelo Tosatti 0 siblings, 1 reply; 5+ messages in thread From: Herbert Poetzl @ 2004-05-17 18:51 UTC (permalink / raw) To: Marcelo Tosatti; +Cc: linux-kernel Hi Folks! is it intentional that the file attributes (those accessible with chattr -*) are modifyable even if a file has the 'i' immutable flag set, and the user is lacking CAP_IMMUTABLE (or all CAPs if you prefer that ;) # touch /tmp/x # chattr +iaA /tmp/x # lcap -z # chattr -i /tmp/x chattr: Operation not permitted while setting flags on /tmp/x # chattr -A /tmp/x # lsattr /tmp/x ----ia------- /tmp/x I'd consider this a bug, but it might be some strange posix/linux conformance issue too ... let me know if this _is_ a bug, if so, I'm willing to provide patches to fix it ... TIA, Herbert ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: file attributes (ext2/3) in 2.4.26 2004-05-17 18:51 file attributes (ext2/3) in 2.4.26 Herbert Poetzl @ 2004-05-20 21:59 ` Marcelo Tosatti 2004-05-20 22:48 ` Herbert Poetzl 0 siblings, 1 reply; 5+ messages in thread From: Marcelo Tosatti @ 2004-05-20 21:59 UTC (permalink / raw) To: linux-kernel; +Cc: Herbert Poetzl On Mon, May 17, 2004 at 08:51:41PM +0200, Herbert Poetzl wrote: > > Hi Folks! > > is it intentional that the file attributes > (those accessible with chattr -*) are modifyable > even if a file has the 'i' immutable flag set, > and the user is lacking CAP_IMMUTABLE (or all > CAPs if you prefer that ;) > > # touch /tmp/x > # chattr +iaA /tmp/x > > # lcap -z > # chattr -i /tmp/x > chattr: Operation not permitted while setting flags on /tmp/x > > # chattr -A /tmp/x > # lsattr /tmp/x > ----ia------- /tmp/x > > I'd consider this a bug, but it might be some > strange posix/linux conformance issue too ... > > let me know if this _is_ a bug, if so, I'm > willing to provide patches to fix it ... Hi Herbert, The chattr man page says A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute. You still can modify other flags from the file, right? ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: file attributes (ext2/3) in 2.4.26 2004-05-20 21:59 ` Marcelo Tosatti @ 2004-05-20 22:48 ` Herbert Poetzl 2004-05-31 15:05 ` Marcelo Tosatti 0 siblings, 1 reply; 5+ messages in thread From: Herbert Poetzl @ 2004-05-20 22:48 UTC (permalink / raw) To: Marcelo Tosatti; +Cc: linux-kernel On Thu, May 20, 2004 at 06:59:09PM -0300, Marcelo Tosatti wrote: > On Mon, May 17, 2004 at 08:51:41PM +0200, Herbert Poetzl wrote: > > > > Hi Folks! > > > > is it intentional that the file attributes > > (those accessible with chattr -*) are modifyable > > even if a file has the 'i' immutable flag set, > > and the user is lacking CAP_IMMUTABLE (or all > > CAPs if you prefer that ;) > > > > # touch /tmp/x > > # chattr +iaA /tmp/x > > > > # lcap -z > > # chattr -i /tmp/x > > chattr: Operation not permitted while setting flags on /tmp/x > > > > # chattr -A /tmp/x > > # lsattr /tmp/x > > ----ia------- /tmp/x > > > > I'd consider this a bug, but it might be some > > strange posix/linux conformance issue too ... > > > > let me know if this _is_ a bug, if so, I'm > > willing to provide patches to fix it ... > > Hi Herbert, > > The chattr man page says > > A file with the `i' attribute cannot be modified: it cannot be deleted > or renamed, no link can be created to this file and no data can be > written to the file. Only the superuser or a process possessing the > CAP_LINUX_IMMUTABLE capability can set or clear this attribute. > > You still can modify other flags from the file, right? yep, that is what I consider unexpected behavior, but the man page doesn't say anything about other flags ... in the example above (which should be easy to verify) the 'A' (noatime) flag is cleared while 'i' is set and the user (root) has no capability at all ... the same is true for all other attribute flags for ext2/ext3, reiserfs and probably other fs implementing those attributes. best, Herbert ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: file attributes (ext2/3) in 2.4.26 2004-05-20 22:48 ` Herbert Poetzl @ 2004-05-31 15:05 ` Marcelo Tosatti 2004-05-31 16:08 ` Herbert Poetzl 0 siblings, 1 reply; 5+ messages in thread From: Marcelo Tosatti @ 2004-05-31 15:05 UTC (permalink / raw) To: linux-kernel; +Cc: Herbert Poetzl On Fri, May 21, 2004 at 12:48:09AM +0200, Herbert Poetzl wrote: > On Thu, May 20, 2004 at 06:59:09PM -0300, Marcelo Tosatti wrote: > > On Mon, May 17, 2004 at 08:51:41PM +0200, Herbert Poetzl wrote: > > > > > > Hi Folks! > > > > > > is it intentional that the file attributes > > > (those accessible with chattr -*) are modifyable > > > even if a file has the 'i' immutable flag set, > > > and the user is lacking CAP_IMMUTABLE (or all > > > CAPs if you prefer that ;) > > > > > > # touch /tmp/x > > > # chattr +iaA /tmp/x > > > > > > # lcap -z > > > # chattr -i /tmp/x > > > chattr: Operation not permitted while setting flags on /tmp/x > > > > > > # chattr -A /tmp/x > > > # lsattr /tmp/x > > > ----ia------- /tmp/x > > > > > > I'd consider this a bug, but it might be some > > > strange posix/linux conformance issue too ... > > > > > > let me know if this _is_ a bug, if so, I'm > > > willing to provide patches to fix it ... > > > > Hi Herbert, > > > > The chattr man page says > > > > A file with the `i' attribute cannot be modified: it cannot be deleted > > or renamed, no link can be created to this file and no data can be > > written to the file. Only the superuser or a process possessing the > > CAP_LINUX_IMMUTABLE capability can set or clear this attribute. > > > > You still can modify other flags from the file, right? > > yep, that is what I consider unexpected behavior, but the > man page doesn't say anything about other flags ... > > in the example above (which should be easy to verify) the > 'A' (noatime) flag is cleared while 'i' is set and the > user (root) has no capability at all ... > > the same is true for all other attribute flags for > ext2/ext3, reiserfs and probably other fs implementing > those attributes. Hi again Herbert, I suppose this is expected behaviour, a file with 'i' cannot be modified, deleted or renamed and no link can be created to this file and no data written to the file. Its valid to change the file attributes. Not sure if any standard covers this, but it does not seem to be a problem. I suppose v2.6 behaves the same? ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: file attributes (ext2/3) in 2.4.26 2004-05-31 15:05 ` Marcelo Tosatti @ 2004-05-31 16:08 ` Herbert Poetzl 0 siblings, 0 replies; 5+ messages in thread From: Herbert Poetzl @ 2004-05-31 16:08 UTC (permalink / raw) To: Marcelo Tosatti; +Cc: linux-kernel On Mon, May 31, 2004 at 12:05:37PM -0300, Marcelo Tosatti wrote: > On Fri, May 21, 2004 at 12:48:09AM +0200, Herbert Poetzl wrote: > > On Thu, May 20, 2004 at 06:59:09PM -0300, Marcelo Tosatti wrote: > > > On Mon, May 17, 2004 at 08:51:41PM +0200, Herbert Poetzl wrote: > > > > > > > > Hi Folks! > > > > > > > > is it intentional that the file attributes > > > > (those accessible with chattr -*) are modifyable > > > > even if a file has the 'i' immutable flag set, > > > > and the user is lacking CAP_IMMUTABLE (or all > > > > CAPs if you prefer that ;) > > > > > > > > # touch /tmp/x > > > > # chattr +iaA /tmp/x > > > > > > > > # lcap -z > > > > # chattr -i /tmp/x > > > > chattr: Operation not permitted while setting flags on /tmp/x > > > > > > > > # chattr -A /tmp/x > > > > # lsattr /tmp/x > > > > ----ia------- /tmp/x > > > > > > > > I'd consider this a bug, but it might be some > > > > strange posix/linux conformance issue too ... > > > > > > > > let me know if this _is_ a bug, if so, I'm > > > > willing to provide patches to fix it ... > > > > > > Hi Herbert, > > > > > > The chattr man page says > > > > > > A file with the `i' attribute cannot be modified: it cannot be deleted > > > or renamed, no link can be created to this file and no data can be > > > written to the file. Only the superuser or a process possessing the > > > CAP_LINUX_IMMUTABLE capability can set or clear this attribute. > > > > > > You still can modify other flags from the file, right? > > > > yep, that is what I consider unexpected behavior, but the > > man page doesn't say anything about other flags ... > > > > in the example above (which should be easy to verify) the > > 'A' (noatime) flag is cleared while 'i' is set and the > > user (root) has no capability at all ... > > > > the same is true for all other attribute flags for > > ext2/ext3, reiserfs and probably other fs implementing > > those attributes. > > Hi again Herbert, > > I suppose this is expected behaviour, a file with 'i' cannot > be modified, deleted or renamed and no link can be created to this > file and no data written to the file. Its valid to change the file > attributes. well, if the kernel development, at some point, decides to get rid of the suid stuff, and replace it by something CAP* based, then this will be fun, as it is then possible to modify the attributes of immutable files without CAP_IMMUTABLE ... > Not sure if any standard covers this, but it does not seem to be > a problem. okay, I have to handle this in linux-vserver anyway, so I just wanted to know if this was on purpose or accidentially ... > I suppose v2.6 behaves the same? yep, it does ... best, Herbert ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-05-31 16:08 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2004-05-17 18:51 file attributes (ext2/3) in 2.4.26 Herbert Poetzl 2004-05-20 21:59 ` Marcelo Tosatti 2004-05-20 22:48 ` Herbert Poetzl 2004-05-31 15:05 ` Marcelo Tosatti 2004-05-31 16:08 ` Herbert Poetzl
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).