Seth,
thanks for the explanation. You learn something every day. I've been
hacking away for almost 40 years now, and I hadn't considered how unlink()
could be used to bypass access permissions.

You had me ROTFL with your thoughts on apprenticeships in information
security.

:-)

Steve

Steve Gooberman-Hill
Skype: steve.gooberman.hill


On 3 May 2018 at 00:22, Seth Arnold <1767...@bugs.launchpad.net> wrote:

> On Wed, May 02, 2018 at 07:07:51AM -0000, steve gooberman-hill wrote:
> > I'm agreed that this is the way the system permissions work. But, did you
> > see the comment I added to the bug report?
>
> Hi Steve, indeed I did.
>
> > Further investigation shows that file ownership is also ignored
> > If I change the ownership and permissions of the file, then they are
> > ignored by the Brightness & Lock app
> >
> > eve@steve-laptop:~$ ls -l ~/.config/dconf/user
> > -rw-r--r-- 1 steve eve 15965 Apr 28 10:37 /home/eve/.config/dconf/user
> >
> > ==> Alter lock settings using "Brightness & Lock" app
> >
> > eve@steve-laptop:~$ ls -l ~/.config/dconf/user
> > -rw-rw-r-- 1 eve eve 15965 Apr 28 11:13 /home/eve/.config/dconf/user
> >
> >
> > Eve is no longer the file owner, but is in the group (and she is not in the
> > sudo group), so I don't believe that any process she is running should be
> > able to change the file permissions and ownership. So I am guessing that
> > the screen locking process is either not run by the user, or it is running
> > with elevated privileges, which enable it to overwrite the file with a
> > different privilege set.
>
> Eve owns the directory /home/eve/.config/dconf/. Thus a process running
> as Eve can unlink() any file in this directory regardless of who owns
> the file or what permissions are on the file. Then it creates a new
> file with any contents -- as you've seen here.
>
> > However, I am not convinced that the existing behaviour is desirable -
> > because the screen locking process appears not to check the file
> > permissions and ownership, and uses its elevated privilege status to
> > overwrite them.
>
> The screen locking mechanism does not have elevated privileges. It just
> runs as her. The assumption is she's the one who wants to protect her
> session when she walks away momentarily.
>
> > PS. FWIW Eve is thankfully not interested in Unix system hacking. Social
> > engineering on her parents seems a better way to get increased access to
> > funny cat videos :-)
>
> Such a pity, I've heard there's a world-wide shortfall of roughly a
> million information security professionals. Practicing how to bypass
> access controls on childhood computers is a time-honoured traditional
> education for the field.
>
> Of course social engineering is also a useful skill. :)
>
> Thanks Steve
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1767618
>
> Title:
>   system Brightness & Lock app ignores file permissions
>
> Status in gnome-screensaver package in Ubuntu:
>   Won't Fix
>
> Bug description:
>   The "Brightness & Lock" app in "System Settings" is ignoring file
>   permissions.
>
>   As a sudo group user, I wish to restrict another user's ability to
>   change their user settings (particularly the screen lock settings), so
>   they can't switch the lock off
>
>   (I want to restrict my daughter's access to the laptop, so I control
>   the password to her account - but she has worked out that she can turn
>   the screen lock off)
>
>   Using sudo privileges I can change the file permissions on her
>   dconf/user settings
>
>   steve@steve-laptop:/home/eve$ sudo chmod ug-w ~eve/.config/dconf/user
>   steve@steve-laptop:/home/eve$ sudo ls -l ~eve/.config/dconf/user
>   -r--r--r-- 1 eve eve 15965 Apr 28 10:34 /home/eve/.config/dconf/user
>
>   If I then switch to her account, and use the system settings
>   "Brightness & Lock" app to switch the lock off. I then check the file
>   permissions on her dconf/user account, and find
>
>   eve@steve-laptop:/home/eve$ sudo ls -l ~eve/.config/dconf/user
>   -rw-rw-r-- 1 eve eve 15965 Apr 28 10:37 /home/eve/.config/dconf/user
>
>   I don't believe that any user should have permission to overwrite this
>   file if it has read-only permissions
>
>   ProblemType: Bug
>   DistroRelease: Ubuntu 16.04
>   Package: gnome-screensaver 3.6.1-7ubuntu4
>   ProcVersionSignature: Ubuntu 4.4.0-119.143-generic 4.4.114
>   Uname: Linux 4.4.0-119-generic x86_64
>   ApportVersion: 2.20.1-0ubuntu2.15
>   Architecture: amd64
>   CurrentDesktop: Unity
>   Date: Sat Apr 28 10:49:12 2018
>   GnomeSessionIdleInhibited: No
>   GnomeSessionInhibitors: None
>   GsettingsGnomeSession:
>    org.gnome.desktop.session session-name 'ubuntu'
>    org.gnome.desktop.session idle-delay uint32 0
>   SourcePackage: gnome-screensaver
>   UpgradeStatus: Upgraded to xenial on 2016-10-18 (556 days ago)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions
>

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-screensaver in Ubuntu.
https://bugs.launchpad.net/bugs/1767618

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp
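
Added example, not part of the original thread: a Python sketch of the behaviour Seth describes, where unlink() is authorised by the parent directory rather than by the file's own mode or owner, plus an audit helper that judges replaceability from the directory. The file name, the `lock-enabled` contents and the function names are constructed for illustration (a real dconf database is binary), and the audit ignores ACLs and capabilities.

```python
import os
import stat
import tempfile

def replace_readonly(directory, name, new_bytes):
    """Replace a file using only write+search permission on its directory."""
    path = os.path.join(directory, name)
    os.unlink(path)  # permission check is made against the directory
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    os.fchmod(fd, 0o664)  # the new file gets whatever mode its creator picks
    with os.fdopen(fd, "wb") as fh:
        fh.write(new_bytes)
    return stat.S_IMODE(os.stat(path).st_mode)

def replaceable_by(path, uid, gids=()):
    """Audit: could uid delete and recreate path? Decided by the parent dir."""
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    target = os.lstat(path)
    if uid == 0:
        return True
    if parent.st_uid == uid:
        bits = (parent.st_mode >> 6) & 7
    elif parent.st_gid in gids:
        bits = (parent.st_mode >> 3) & 7
    else:
        bits = parent.st_mode & 7
    if bits & 3 != 3:  # needs both write (2) and search (1) on the directory
        return False
    if parent.st_mode & stat.S_ISVTX:  # sticky dir: only file or dir owner
        return uid in (parent.st_uid, target.st_uid)
    return True

def demo():
    """Constructed scenario: a read-only settings file in a user-owned dir."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "user")
        with open(path, "wb") as fh:
            fh.write(b"lock-enabled=true\n")
        os.chmod(path, 0o444)  # same idea as "chmod ug-w" in the bug report
        before = stat.S_IMODE(os.stat(path).st_mode)
        audit = replaceable_by(path, os.getuid(), os.getgroups())
        after = replace_readonly(d, "user", b"lock-enabled=false\n")
        with open(path, "rb") as fh:
            return before, audit, after, fh.read()

if __name__ == "__main__":
    print(demo())
```

When checking whether a per-user settings file is really protected, run the audit against the directory that holds it: a read-only file in a directory the user owns is still replaceable by that user.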
