On 7/18/23 14:52, Ralf Mardorf wrote:
...
if the cat paws at the keyboard, it doesn't need root privileges, it can
execute "rm /path/unified_kernel_image" with the cat's user privileges?
I think that non-root can only do that if mounted uid=<user>.
So, as far as cat-safe filesystem, isn't it no different for fat32, ext4
or btrfs?
E.g. On my system here I get cat denied :)
as root:
# findmnt -t vfat /efi0
TARGET SOURCE FSTYPE OPTIONS
/efi0 /dev/sda1 vfat ...
# ls -l /efi0/foo
0 -rwxr-xr-x 1 root root 0 Jul 18 15:06 /efi0/foo*
As user kitty:
$ rm -iv /efi0/foo
rm: remove write-protected regular empty file '/efi0/foo'? y
rm: cannot remove '/efi0/foo': Permission denied
$ ls -l /efi0/foo
0 -rwxr-xr-x 1 root root 0 Jul 18 15:06 /efi0/foo*
...I would also like to avoid fat as much as possible ... out of principle.
understood.
