apport permission error
Alex Murray
alex.murray at canonical.com
Mon Feb 17 10:32:15 UTC 2020
On Thu, 2020-02-13 at 10:13:28 +1030, Brian Murray wrote:
> I've recently been investigating a bug[1] where whoopsie-upload-all,
> provided by apport, is unable to add extra details to crash reports.
> This happens when the crash report has the following attributes:
>
> -rw-r----- 1 bdmurray whoopsie 194K Feb 7 15:22 _usr_bin_seeded-in-ubuntu.1000.crash
>
> It's worth noting whoopsie-upload-all is run as root. I've discovered
> that changing /proc/sys/fs/protected_regular from 1 to 0 allows
> whoopsie-upload-all to write to the file. I imagine that apport is not
> the only application affected by this setting.
>
> What is the practical benefit of having protected_regular set to 1?
>
This is a general hardening mechanism which aims to prevent a certain
class of attacks - for instance, an application creates a file in /tmp
containing commands to later execute as root - and because it uses a
predictable filename a local user could pre-create that file in /tmp
with their own commands to be executed instead - and so obtain a root
privilege escalation in the process. In the case of whoopsie-upload-all,
since this also runs as root and processes a user-controlled file (ie
the crash dump) I think this makes sense to still apply as a hardening
measure so that if say there was a parser bug or similar in
whoopsie-upload-all that could be triggered when parsing the crash dump,
this would then be prevented in this case.
As such, I would not wish to see Ubuntu drop having protected_regular=1.
> [1] http://launchpad.net/bugs/1848064
>
> Thanks!
> --
> Brian Murray
More information about the kernel-team
mailing list