17.04.2014 17:15, Tanu Kaskinen wrote:
> On Mon, 2014-04-07 at 14:11 +0200, Prunk Dump wrote:
>> But the following commands in terminal :
>>
>> $mkdir /home/teachers/pellegrb/.pulse
>> $chown 3000137:3000038 /home/teachers/pellegrb/.pulse
>> $chmod 0700 /home/teachers/pellegrb/.pulse
>> $ls -al /home/teachers/pellegrb
>>
>> drwxrwx---+ 2 pellegrb teachers 0 avril 7 14:02 .pulse
>
> So the file system ignores the mode that is given to mkdir and chmod. Is
> the result same if you pass --mode=0700 to mkdir?
>
> I'm not sure what would be the best fix. Maybe pa_make_secure_dir()
> could take another mode parameter that says what are the minimum
> permissions needed, and then instead of the "(st.st_mode & 0777) != m"
> check at the end, we'd use "(st.st_mode & min_permissions) !=
> min_permissions".

Well, the problem here is that the CIFS server gives extra unwanted 
access rights to the directory. So PulseAudio rightfully complains. 
However, in some cases (e.g. on CIFS and other non-native filesystems), 
this error is not actionable. Your suggestion with min_permissions would 
silently accept a server that chmods all files to 0777 as secure, so 
please don't do that blindly.

Instead, I suggest to ignore fchown() failures that are not even 
supposed to be actionable and are not security-relevant, with a warning. 
IMHO a good heuristic to decide whether to propagate fchown() failures 
would be uid != -1, or, equivalently, a test for system mode.

-- 
Alexander E. Patrakov
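The two checks discussed in this thread, side by side, as an added example that is not part of the original message and is not PulseAudio code. The function names, the scratch path under /tmp and the list of reported modes are assumptions made for the illustration; only the two mask expressions come from the thread.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Check quoted in the thread: all nine permission bits must equal m. */
int exact_check_ok(mode_t st_mode, mode_t m) {
    return (st_mode & 0777) == m;
}

/* Proposed alternative: only the bits in min_permissions must be set;
 * any extra group/other bits are not looked at. */
int min_check_ok(mode_t st_mode, mode_t min_permissions) {
    return (st_mode & min_permissions) == min_permissions;
}

/* Create a scratch directory, request `requested` via mkdir() and chmod(),
 * and return the permission bits stat() reports afterwards, or (mode_t)-1
 * on failure. On a filesystem that ignores the requested mode, the value
 * returned differs from `requested`. */
mode_t effective_mode(mode_t requested) {
    char path[64];              /* constructed scratch path, not from the thread */
    struct stat st;
    mode_t result = (mode_t)-1;

    snprintf(path, sizeof path, "/tmp/secure-dir-demo-%ld", (long)getpid());
    if (mkdir(path, requested) != 0)
        return result;          /* includes EEXIST: never reuse a foreign dir */
    if (chmod(path, requested) == 0 && stat(path, &st) == 0)
        result = st.st_mode & 0777;
    rmdir(path);
    return result;
}

int main(void) {
    const mode_t want = 0700;
    /* Constructed cases: request honoured, the drwxrwx--- from the ls
     * output above, and a server that reports everything as 0777. */
    const mode_t reported[] = { 0700, 0770, 0777 };

    for (size_t i = 0; i < sizeof reported / sizeof reported[0]; i++)
        printf("reported %04o: exact=%s min=%s\n", (unsigned)reported[i],
               exact_check_ok(reported[i], want) ? "accept" : "reject",
               min_check_ok(reported[i], want) ? "accept" : "reject");

    mode_t local = effective_mode(want);
    if (local != (mode_t)-1)
        printf("this filesystem reports %04o for a 0700 request\n", (unsigned)local);
    return 0;
}
```
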