Seth, thanks for the explanation. You learn something every day. I've been hacking away for almost 40 years now, and I hadn't considered how unlink() could be used to bypass access permissions.
You had me ROTFL with your thoughts on apprenticeships in information security. :-)

Steve

Steve Gooberman-Hill
Skype: steve.gooberman.hill

On 3 May 2018 at 00:22, Seth Arnold <1767...@bugs.launchpad.net> wrote:
> On Wed, May 02, 2018 at 07:07:51AM -0000, steve gooberman-hill wrote:
> > I'm agreed that this is the way the system permissions work. But, did you
> > see the comment I added to the bug report?
>
> Hi Steve, indeed I did.
>
> > Further investigation shows that file ownership is also ignored.
> > If I change the ownership and permissions of the file, then they are
> > ignored by the Brightness & Lock app
> >
> > eve@steve-laptop:~$ ls -l ~/.config/dconf/user
> > -rw-r--r-- 1 steve eve 15965 Apr 28 10:37 /home/eve/.config/dconf/user
> >
> > ==> Alter lock settings using "Brightness & Lock" app
> >
> > eve@steve-laptop:~$ ls -l ~/.config/dconf/user
> > -rw-rw-r-- 1 eve eve 15965 Apr 28 11:13 /home/eve/.config/dconf/user
> >
> > Eve is no longer the file owner, but is in the group (and she is not in the
> > sudo group), so I don't believe that any process she is running should be
> > able to change the file permissions and ownership. So I am guessing that
> > the screen locking process is either not run by the user, or it is running
> > with elevated privileges, which enable it to overwrite the file with a
> > different privilege set.
>
> Eve owns the directory /home/eve/.config/dconf/. Thus a process running
> as Eve can unlink() any file in this directory regardless of who owns
> the file or what permissions are on the file. Then it creates a new
> file with any contents -- as you've seen here.
>
> > However, I am not convinced that the existing behaviour is desirable -
> > because the screen locking process appears not to check the file
> > permissions and ownership, and uses its elevated privilege status to
> > overwrite them.
>
> The screen locking mechanism does not have elevated privileges. It just
> runs as her. The assumption is she's the one who wants to protect her
> session when she walks away momentarily.
>
> > PS. FWIW Eve is thankfully not interested in Unix system hacking. Social
> > engineering on her parents seems a better way to get increased access to
> > funny cat videos :-)
>
> Such a pity, I've heard there's a world-wide shortfall of roughly a
> million information security professionals. Practicing how to bypass
> access controls on childhood computers is a time-honoured traditional
> education for the field.
>
> Of course social engineering is also a useful skill. :)
>
> Thanks Steve
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1767618
>
> Title:
>   system Brightness & Lock app ignores file permissions
>
> Status in gnome-screensaver package in Ubuntu:
>   Won't Fix
>
> Bug description:
>   The "Brightness & Lock" app in "System Settings" is ignoring file
>   permissions.
>
>   As a sudo group user, I wish to restrict another user's ability to
>   change their user settings (particularly the screen lock settings), so
>   they can't switch the lock off.
>
>   (I want to restrict my daughter's access to the laptop, so I control
>   the password to her account - but she has worked out that she can turn
>   the screen lock off.)
>
>   Using sudo privileges I can change the file permissions on her
>   dconf/user settings:
>
>   steve@steve-laptop:/home/eve$ sudo chmod ug-w ~eve/.config/dconf/user
>   steve@steve-laptop:/home/eve$ sudo ls -l ~eve/.config/dconf/user
>   -r--r--r-- 1 eve eve 15965 Apr 28 10:34 /home/eve/.config/dconf/user
>
>   If I then switch to her account, and use the system settings
>   "Brightness & Lock" app to switch the lock off, I then check the file
>   permissions on her dconf/user account, and find:
>
>   eve@steve-laptop:/home/eve$ sudo ls -l ~eve/.config/dconf/user
>   -rw-rw-r-- 1 eve eve 15965 Apr 28 10:37 /home/eve/.config/dconf/user
>
>   I don't believe that any user should have permission to overwrite this
>   file if it has read-only permissions.
>
>   ProblemType: Bug
>   DistroRelease: Ubuntu 16.04
>   Package: gnome-screensaver 3.6.1-7ubuntu4
>   ProcVersionSignature: Ubuntu 4.4.0-119.143-generic 4.4.114
>   Uname: Linux 4.4.0-119-generic x86_64
>   ApportVersion: 2.20.1-0ubuntu2.15
>   Architecture: amd64
>   CurrentDesktop: Unity
>   Date: Sat Apr 28 10:49:12 2018
>   GnomeSessionIdleInhibited: No
>   GnomeSessionInhibitors: None
>   GsettingsGnomeSession:
>    org.gnome.desktop.session session-name 'ubuntu'
>    org.gnome.desktop.session idle-delay uint32 0
>   SourcePackage: gnome-screensaver
>   UpgradeStatus: Upgraded to xenial on 2016-10-18 (556 days ago)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions

--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1767618

Title:
  system Brightness & Lock app ignores file permissions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
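The permission-model point Seth makes in the quoted reply is easy to reproduce and worth having as a check. The script below is an added illustration written for this thread; it is not code from the thread, from dconf, or from gnome-screensaver, and the directory layout, file name and `lock-enabled=` contents are constructed stand-ins for Eve's `~/.config/dconf/user`. It first shows that a `chmod 444` file cannot be opened for writing in place, then that a process owning the parent directory can still replace it by unlink() followed by create (a rename() of a freshly written temporary file is governed by the same directory permission), and finally that removing write permission on the directory itself is what actually prevents the replacement. The `parent_dir_writable()` helper is the audit a practitioner wants: a read-only file inside a directory the user can write to is not read-only.

```python
import os
import tempfile


def running_as_root():
    """Root bypasses discretionary permissions, so the denials below do not
    occur for uid 0; callers can use this to interpret the results."""
    return hasattr(os, "geteuid") and os.geteuid() == 0


def direct_write_denied(path, data):
    """Try to open an existing file for writing in place.
    Returns True if the kernel refused (EACCES), False if the write succeeded."""
    try:
        with open(path, "w") as f:
            f.write(data)
        return False
    except PermissionError:
        return True


def replace_via_unlink(path, data):
    """What a process running as the directory owner can do regardless of the
    file's own mode or owner: unlink the old file and create a fresh one.
    Returns True on success, False if the directory permission refused it."""
    try:
        os.unlink(path)
        with open(path, "w") as f:
            f.write(data)
        return True
    except PermissionError:
        return False


def parent_dir_writable(path):
    """The check that decides whether a 'read-only' file can be replaced:
    write+search permission on the directory that holds it."""
    parent = os.path.dirname(os.path.abspath(path))
    return os.access(parent, os.W_OK | os.X_OK)


def demo():
    """Walk through the scenario from the bug report in a throwaway directory
    and return the observed outcomes as a dict."""
    results = {}
    with tempfile.TemporaryDirectory() as home:
        cfg_dir = os.path.join(home, ".config", "dconf")   # constructed stand-in
        os.makedirs(cfg_dir)
        user_db = os.path.join(cfg_dir, "user")
        with open(user_db, "w") as f:
            f.write("lock-enabled=true\n")               # constructed contents
        os.chmod(user_db, 0o444)                          # the 'chmod ug-w' step

        results["in_place_write_denied"] = direct_write_denied(
            user_db, "lock-enabled=false\n")
        results["dir_writable_before"] = parent_dir_writable(user_db)
        results["replaced_via_unlink"] = replace_via_unlink(
            user_db, "lock-enabled=false\n")
        with open(user_db) as f:
            results["contents_after"] = f.read()

        # Mitigation: the control that matters is on the directory, not the file.
        os.chmod(cfg_dir, 0o555)
        results["dir_writable_after"] = parent_dir_writable(user_db)
        results["replaced_after_hardening"] = replace_via_unlink(
            user_db, "lock-enabled=true\n")
        os.chmod(cfg_dir, 0o755)   # restore so the temporary tree can be removed
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Run as an ordinary user, the in-place write is refused, the unlink-and-recreate succeeds and the new file carries whatever mode the creating process's umask gives it (which is why the listing in the bug report shows `-rw-rw-r--` again), and after the directory is made non-writable the replacement fails. Run as root every step succeeds, which is the expected DAC bypass for uid 0, not a counterexample.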