Mailinglist Archive: opensuse-bugs (5295 mails)

< Previous Next >
[Bug 849720] "at" command immediately exit with: Cannot create atjob file /var/spool/atjobs/...: Permission denied

https://bugzilla.novell.com/show_bug.cgi?id=849720

https://bugzilla.novell.com/show_bug.cgi?id=849720#c2


--- Comment #2 from Sebastian Krahmer <krahmer@xxxxxxxx> 2013-11-11 14:00:54
UTC ---
Indeed, their logic seems wrong.

The whole writefile() code is surrounded by PRIV_START/PRIV_END,
so the creation of lockfile succeeds. This however is in the
same directory, so the creation of the spoolfile should
also require the same privs. But for some reason they
reduce/restore the privs for the open(atfile...) *inside*
their guarded PRIV_START/PRIV_END.

I think they might assume /usr/bin/at to be setgid "trusted",
e.g. mode 06755. and /var/spool/atjobs to be trusted+w.

However then their logic is still weird, as then there
dont need to be PRIV_START/PRIV_END.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
References