[DragonFlyBSD - Bug #2817] (Resolved) Permission checking for utimes(2) and friends are not properly honoured

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Tue Jun 18 09:55:25 PDT 2019


Issue #2817 has been updated by liweitianux.

Status changed from New to Resolved

This issue was answered and can be closed.

----------------------------------------
Bug #2817: Permission checking for utimes(2) and friends are not properly honoured
http://bugs.dragonflybsd.org/issues/2817#change-13705

* Author: stateless
* Status: Resolved
* Priority: Normal
* Assignee: dillon
* Category: Kernel
* Target version: 
----------------------------------------
Changing the access and modification times of a file to anything other than
the current time can only be done by the owner of the file or the super-user as per
POSIX.

At present it is possible to do so just by having write access to the file.

A simple example follows:

touch foo; chown root:user foo; chmod 664 foo; touch -t 200805101024 foo

The last operation should normally fail.

I noticed this as part of my work on adding support for utimensat().  I believe
the fix can be consolidated outside of the implementation of the utimes/utimensat
system calls.




-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account


More information about the Bugs mailing list