[DragonFlyBSD - Bug #2817] (New) Permission checking for utimes(2) and friends are not properly honoured
bugtracker-admin at leaf.dragonflybsd.org
bugtracker-admin at leaf.dragonflybsd.org
Thu May 21 07:59:19 PDT 2015
Issue #2817 has been reported by stateless.
----------------------------------------
Bug #2817: Permission checking for utimes(2) and friends are not properly honoured
http://bugs.dragonflybsd.org/issues/2817
* Author: stateless
* Status: New
* Priority: Normal
* Assignee:
* Category: Kernel
* Target version:
----------------------------------------
Changing the access and modification times of a file to anything other than
the current time can only be done by the owner of the file or the super-user as per
POSIX.
At present it is possible to do so just by having write access to the file.
A simple example follows:
touch foo; chown root:user foo; chmod 664 foo; touch -t 200805101024 foo
The last operation should normally fail.
I noticed this as part of my work on adding support for utimensat(). I believe
the fix can be consolidated outside of the implementation of the utimes/utimensat
system calls.
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account
More information about the Bugs
mailing list