Mailinglist Archive: opensuse-bugs (5295 mails)

< Previous Next >
[Bug 849720] "at" command immediately exit with: Cannot create atjob file /var/spool/atjobs/...: Permission denied

https://bugzilla.novell.com/show_bug.cgi?id=849720

https://bugzilla.novell.com/show_bug.cgi?id=849720#c1


Michal Vyskocil <mvyskocil@xxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Priority|P5 - None |P1 - Urgent
Status|NEW |ASSIGNED
CC| |meissner@xxxxxxxx,
| |security-team@xxxxxxx

--- Comment #1 from Michal Vyskocil <mvyskocil@xxxxxxxx> 2013-11-11 12:22:06
UTC ---
Following like looks suspicious

setresuid32(-1, 1008, -1) = 0

This changes the effective user id back from root. Comparing to 12.2, the at.c
has been changed this way

@@ -296,14 +325,18 @@
* bit. yes, this is a kluge.
*/
cmask = umask(s_irusr | s_iwusr | s_ixusr);
+ seteuid(real_uid);
if ((fd = open(atfile, o_creat | o_excl | o_trunc | o_wronly, s_irusr)) ==
-1)
perr("cannot create atjob file %.500s", atfile);
+ seteuid(effective_uid);

so it seems that code now assumes at least group writable /var/spool/atjobs/?
But as it does not seem to preserve egid, chmod g+w did not worked.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
References