[pulseaudio-discuss] Failed to create secure directory with ACL
Alexander E. Patrakov
patrakov at gmail.com
Thu Apr 17 05:09:06 PDT 2014
17.04.2014 17:15, Tanu Kaskinen wrote:
> On Mon, 2014-04-07 at 14:11 +0200, Prunk Dump wrote:
>> But the following commands in terminal :
>>
>> $mkdir /home/teachers/pellegrb/.pulse
>> $chown 3000137:3000038 /home/teachers/pellegrb/.pulse
>> $chmod 0700 /home/teachers/pellegrb/.pulse
>> $ls -al /home/teachers/pellegrb
>>
>> drwxrwx---+ 2 pellegrb teachers 0 avril 7 14:02 .pulse
>
> So the file system ignores the mode that is given to mkdir and chmod. Is
> the result the same if you pass --mode=0700 to mkdir?
>
> I'm not sure what would be the best fix. Maybe pa_make_secure_dir()
> could take another mode parameter that says what are the minimum
> permissions needed, and then instead of the "(st.st_mode & 0777) != m"
> check at the end, we'd use "(st.st_mode & min_permissions) !=
> min_permissions".
Well, the problem here is that the CIFS server gives extra unwanted
access rights to the directory. So PulseAudio rightfully complains.
However, in some cases (e.g. on CIFS and other non-native filesystems),
this error is not actionable.

Your suggestion with min_permissions would silently accept a server that
chmods all files to 0777 as secure, so please don't do that blindly.

Instead, I suggest ignoring fchown() failures that are not even
supposed to be actionable and are not security-relevant, with a warning.
IMHO a good heuristic to decide whether to propagate fchown() failures
would be uid != -1, or, equivalently, a test for system mode.
--
Alexander E. Patrakov
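Added example, not part of the original message and not PulseAudio code: the two checks discussed in the thread, applied to a scratch directory whose mode is forced with chmod() to stand in for a server that overrides the requested mode. The function names, the /tmp path and the forced modes are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L  /* for mkdtemp() */
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Strict check quoted in the thread: every permission bit must equal m. */
static int strict_ok(mode_t actual, mode_t m) {
    return (actual & 0777) == m;
}

/* Proposed relaxed check: only the minimum bits have to be present. */
static int min_ok(mode_t actual, mode_t min_permissions) {
    return (actual & min_permissions) == min_permissions;
}

/* Hypothetical diagnostic helper: bits granted beyond what was requested. */
static mode_t extra_bits(mode_t actual, mode_t m) {
    return actual & 0777 & ~m;
}

/* Create a scratch directory, force its mode, and return what stat()
 * reports afterwards. Returns (mode_t)-1 on failure. */
static mode_t observed_mode(mode_t forced) {
    char path[] = "/tmp/secure-dir-demo-XXXXXX";  /* assumed location */
    struct stat st;
    mode_t result = (mode_t)-1;

    if (!mkdtemp(path))
        return result;
    if (chmod(path, forced) == 0 && stat(path, &st) == 0)
        result = st.st_mode & 0777;
    rmdir(path);
    return result;
}

int main(void) {
    const mode_t wanted = 0700;
    const mode_t forced[] = { 0700, 0770, 0777 };  /* constructed cases */
    for (size_t i = 0; i < sizeof forced / sizeof forced[0]; i++) {
        mode_t got = observed_mode(forced[i]);
        if (got == (mode_t)-1) { perror("observed_mode"); return 1; }
        printf("mode %04o: strict=%d min=%d extra=%04o\n", (unsigned)got,
               strict_ok(got, wanted), min_ok(got, wanted),
               (unsigned)extra_bits(got, wanted));
    }
    return 0;
}
```

With a wanted mode of 0700, the strict check rejects both 0770 and 0777, while the relaxed check accepts both, including the world-writable directory.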