On Tue, Oct 5, 2010 at 4:50 PM, Alexander Best <[email protected]> wrote: > hi there, > > i think the following example shows the problem better than a long > explanation: > > `touch ftest && chflags arch ftest && chflags -vv 0 ftest`. > ^^non-root ^^root ^^non-root > > chflags claims to have cleared the 'arch' flag (which should be impossible as > non-root user), but indeed has done nothing. > > i've tried the same with 'sappnd' and that works as can be expected. > > The issue was confirmed to exist in HEAD (me), stable/8 (pgollucc1, jpaetzel) > and stable/7 (nox). > On stable/6 it does NOT exist (jpaetzel). chflags properly fails with EPERM.
Fails for me when I call the syscall directly, as I would expect,
and passes when I'm superuser:
$ ./test_chflags
(uid, euid) = (1000, 1000)
test_chflags: chflags: Operation not permitted
test_chflags: lchflags: Operation not permitted
$ sudo ./test_chflags
(uid, euid) = (0, 0)
According to my basic inspection in strtofflags
(.../lib/libc/gen/strtofflags.c), it works as well.
And last but not least, executing the commands directly on the CLI work:
$ tmpfile=`mktemp /tmp/chflags.XXXXXX`
$ chflags arch $tmpfile
chflags: /tmp/chflags.nQm1IL: Operation not permitted
$ rm $tmpfile
$ tmpfile=`mktemp /tmp/chflags.XXXXXX`
$ sudo chflags arch $tmpfile
$ sudo chflags noarch $tmpfile
$ rm $tmpfile
Your results may (but shouldn't) vary [unless your environment is
setup differently]...
Please note that I'm using UFS2 with SUJ... not all filesystems
support this (ext2/3/4? msdosfs? ZFS?), so I would be careful about
which filesystem you pick and whether or not there's a bug where it's
not properly identifying that the operation you're attempting to
perform is valid.
Thanks,
-Garrett
$ uname -a
FreeBSD bayonetta.local 9.0-CURRENT FreeBSD 9.0-CURRENT #9 r211309M:
Thu Aug 19 22:50:36 PDT 2010
[email protected]:/usr/obj/usr/src/sys/BAYONETTA amd64
test_chflags.c
Description: Binary data
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[email protected]"
