(dropping oss-sec in order to not be too noisy)

On Fri, 2011-08-26 at 10:58 +0200, Yves-Alexis Perez wrote:
> > You probably don't take into account the chown() that happens in lightdm.
> > Just unlink the created ~/.dmrc or ~/.Xauthority files after creation and 
> > make a symlink
> > to /etc/passwd to chown it to yourself.
> 
> The chown will be applied to the symlink, not the target. I've tried to
> make .Xauthority a symlink to a root-owned file and the destination was
> indeed destroyed, but it's still root-owned. 

Ok that's wrong, chown() is supposed to dereference symlinks, so I'm not
sure why the target file wasn't chown()ed in my case.

I've tried replacing .dmrc by a symlink to a root-owned file and, in
that case:

* the target file disappeared
* the symlink disappeared
* a new .dmrc file was written, belonging to my user

so the net result is that you can simply erase any root-owned file in
that case (but not overwrite it with arbitrary content, afaict).

Regards,
-- 
Yves-Alexis
