Timeline for How fakeroot is not a security breach in Linux?
Current License: CC BY-SA 4.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jul 11, 2018 at 15:48 | comment | added | ctrl-alt-delor | No it allows you to fake setting user to any user, and fake some other things. Try it: run fakeroot and look at the files from outside, try to access files, that you should not. | |
| Jul 11, 2018 at 15:25 | comment | added | ng.newbie | @ctrl-alt-decor So the only reason for fakeroot to exist is to set permissions to a file to root without being root. If that is not a security flaw then why would Linux disallow that in the first place? | |
| Jul 11, 2018 at 13:18 | history | edited | ctrl-alt-delor | CC BY-SA 4.0 |
added 429 characters in body
|
| Jul 11, 2018 at 13:12 | history | edited | ctrl-alt-delor | CC BY-SA 4.0 |
added 847 characters in body
|
| Jul 11, 2018 at 13:06 | comment | added | ng.newbie | @ctrl-alt-decor The fakeroot does not allow me to read/write/delete, but if I wrote a wrapper for the syscalls does it stand to reason that I can do those operations as well. | |
| Jul 11, 2018 at 13:02 | comment | added | ng.newbie | @ctrl-alt-decor As I have asked in the above comment, in *nix it is not possible to set the owner to root from another unprivileged user, correct? So there must a good reason for that if a program allows it, how is it not a security flaw? | |
| Jul 11, 2018 at 12:56 | history | edited | ctrl-alt-delor | CC BY-SA 4.0 |
added 188 characters in body
|
| Jul 11, 2018 at 12:49 | history | answered | ctrl-alt-delor | CC BY-SA 4.0 |