Ticket #4382 (new defect)

Opened 2 years ago

Last modified 2 years ago

MC editor running under root cannot save files not belonging to the root user in /tmp

Reported by: birdie Owned by:
Priority: major Milestone: Future Releases
Component: mc-core Version: 4.8.28
Keywords: Cc:
Blocked By: Blocking:
Branch state: no branch Votes for changeset:

Description

The error is "Save as: Cannot save file"

OS: Fedora 36
MC: 4.8.28

tmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime,seclabel)

Yet, in the root session:

echo 123 >> /tmp/testfile

works just fine, so this is a bug in MC.

strace shows

symlink("root@localhost.localdomain.481116", "/tmp/.#testfile") = 0
newfstatat(AT_FDCWD, "/tmp/testfile", {st_mode=S_IFREG|0755, st_size=8341, ...}, 0) = 0
chown("/tmp/testfile", 1000, 1000)       = 0
chmod("/tmp/testfile", 0100755)          = 0
openat(AT_FDCWD, "/tmp/testfile", O_WRONLY|O_CREAT|O_TRUNC, 0100755) = -1 EACCES (Permission denied)

In other directories, i.e. real mounted filesystems, this bug doesn't occur.

Change History

comment:1 Changed 2 years ago by ossi

the problem is presumably not tmpfs, but the fact that the directory is sticky.
from the openat() manual:

       EACCES Where   O_CREAT   is  specified,  the  protected_fifos  or  pro‐
              tected_regular sysctl is enabled, the file already exists and is
              a  FIFO  or  regular  file, the owner of the file is neither the
              current user nor the owner of the containing directory, and  the
              containing  directory  is  both  world-  or  group-writable  and
              sticky.  For details, see the descriptions of  /proc/sys/fs/pro‐
              tected_fifos and /proc/sys/fs/protected_regular in proc(5).

so presumably you have some security setting enabled which makes root not all-powerful.

comment:2 Changed 2 years ago by birdie

I'm using Fedora Linux 36 with default settings.

This warrants an investigation and fix. This is not some odd obscure distro, Fedora is one of the most important Linux distros out there.

comment:3 Changed 2 years ago by ossi

i don't think there is a whole lot to investigate here.

things will probably work fine if you select "safe save" save mode.

comment:4 Changed 2 years ago by birdie

My root user is not any more limited than what the default Fedora installation has.

If you're OK with the status quo under Fedora and RHEL, as well as their derivatives (we are talking about a dozen of distros) it's worth closing this bug report.

Note: See TracTickets for help on using tickets.