Security issue with .desktop files revisited
Joerg Barfurth
Joerg.Barfurth at Sun.COM
Tue Mar 28 15:57:05 EEST 2006
Thiago Macieira wrote:
> We could abuse the sticky bit for that. What's also interesting, it would
> show a "t" or "T" in the output of ls -l.
>
> It has no effect on text files on Linux, nor on executables. However, the
> man page for "chmod" says that, on some systems, only the superuser can
> set the sticky bit. Does anyone know what such systems might be?
>
From Solaris man-pages:
chmod(1):
[...] Only the super-user may
set the sticky bit on a non-directory file.
If you are not super-user, chmod will mask
the sticky-bit but will not return an error.
chmod(2):
If the process is not a privileged process and the file is
not a directory, mode bit 01000 (save text image on execu-
tion) is cleared.
[...]
If a regular file is not executable and has S_ISVTX set, the
file is assumed to be a swap file. In this case, the
system's page cache will not be used to hold the file's
data. If the S_ISVTX bit is set on any other file, the
results are unspecified.
So neither does this bit have no effect, nor can it be set by ordinary
users.
I'd assume other Unixes with a common ancestor would behave similarly.
- Jörg
--
Joerg Barfurth phone: +49 40 23646662 / x66662
Software Engineer mailto:joerg.barfurth at sun.com
Desktop Technology http://reserv.ireland/twiki/bin/view/Argus/
Thin Client Software http://www.sun.com/software/sunray/
Sun Microsystems GmbH http://www.sun.com/software/javadesktopsystem/
More information about the xdg
mailing list