So I'm creating a bash script that downloads OpenWRT, patches it to support a Vizio XWR100 router, updates the feeds, installs symbolic links for the feeds, starts make menuconfig to configure the kernel, and then compiles the kernel.
I'm attempting to create some error checking routines. For example, the script obtains the current working directory (where the patches are), then it checks for the vizio_xwr100 directory to see if it exists. If it does, it removes it. If not, it creates the vizio_xwr100 directory inside the current working directory. If, for whatever reason, the rm -rf vizio_xwr100 command fails, it's supposed to error out.
The patches are currently located in the /home/spork/src/vizio_xwr100_patches/ directory. That directory is owned by spork:users. To test the error checking routine, as root, I create the /home/spork/src/vizio_xwr100_patches/vizio_xwr100 subdirectory:
Code:
eugene:/home/spork/src/vizio_xwr100_patches # whoami
root
eugene:/home/spork/src/vizio_xwr100_patches # groups
root
eugene:/home/spork/src/vizio_xwr100_patches # ls -ld /home/spork/src/vizio_xwr100_patches
drwxr-xr-x 4 spork users 4096 Aug 8 15:25 /home/spork/src/vizio_xwr100_patches
eugene:/home/spork/src/vizio_xwr100_patches # ls -ld /home/spork/src/vizio_xwr100_patches/vizio_xwr100
drwxr-xr-x 2 root root 4096 Aug 8 15:25 /home/spork/src/vizio_xwr100_patches/vizio_xwr100
I then switch to the terminal where I'm spork, and I can remove that directory:
Code:
spork@eugene:~/src/vizio_xwr100_patches> whoami
spork
spork@eugene:~/src/vizio_xwr100_patches> groups
users
spork@eugene:~/src/vizio_xwr100_patches> ls -ld /home/spork/src/vizio_xwr100_patches/vizio_xwr100
drwxr-xr-x 2 root root 4096 Aug 8 15:25 /home/spork/src/vizio_xwr100_patches/vizio_xwr100
spork@eugene:~/src/vizio_xwr100_patches> rm -rf /home/spork/src/vizio_xwr100_patches/vizio_xwr100
spork@eugene:~/src/vizio_xwr100_patches>
Any ideas what's going on here? I'm not root. The directory I created as root is readable by the world and executable by the world, but it should not be removable by my user.
The id command shows I'm not root:
Code:
id
uid=1000(spork) gid=100(users) groups=100(users)
If spork, a non-privileged user, can remove directories owned by root, I get a little worried. I tried reading files that I shouldn't have access to (i.e., /etc/shadow) and I cannot read them.
This is what stat shows on that directory owned by root:
Code:
File: vizio_xwr100
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 804h/2052d Inode: 57413872 Links: 2
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2017-08-08 15:36:20.041981763 -0400
Modify: 2017-08-08 15:36:20.041981763 -0400
Change: 2017-08-08 15:36:20.041981763 -0400
Birth: -
Also, /usr/bin/rm does not have the setUID bit set.
which rm shows me I'm using /usr/bin/rm....
Code:
-rwxr-xr-x 1 root root 64384 May 27 13:38 /usr/bin/rm
Thanks!
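Added example, not part of the original post: one way to write the remove-and-recreate check described above in bash, together with a pre-check that mirrors what is consulted when a name is removed from a directory. The function names are hypothetical, and the remove-then-create order is an assumption about the poster's script.

```bash
#!/usr/bin/env bash
# Added example; removal_allowed and reset_workdir are hypothetical names.

# removal_allowed ENTRY: succeed if the current user may remove ENTRY.
# Removing a name is a write to the PARENT directory, so ENTRY's own owner
# and mode are not consulted unless the parent has the sticky bit set.
removal_allowed() {
    local entry="$1"
    local parent
    parent=$(dirname -- "$entry")
    # Simplification: treat uid 0 as always allowed.
    if [ "$(id -u)" -eq 0 ]; then return 0; fi
    # Write + search permission on the parent are required.
    if [ ! -w "$parent" ] || [ ! -x "$parent" ]; then return 1; fi
    # Sticky parent (as on /tmp): must own the entry or the parent.
    if [ -k "$parent" ] && [ ! -O "$entry" ] && [ ! -O "$parent" ]; then
        return 1
    fi
    return 0
}

# reset_workdir PARENT NAME: remove PARENT/NAME if present, recreate it empty.
# Returns 1 if removal fails, 2 if creation fails; message goes to stderr.
reset_workdir() {
    local dir="$1/$2"
    if [ -e "$dir" ] || [ -L "$dir" ]; then
        # -f silences "no such file" only; permission errors still make
        # rm exit non-zero (e.g. root-owned files INSIDE the directory).
        if ! rm -rf -- "$dir"; then
            echo "error: cannot remove $dir" >&2
            return 1
        fi
    fi
    if ! mkdir -- "$dir"; then
        echo "error: cannot create $dir" >&2
        return 2
    fi
}

# Usage: ./reset.sh NAME   (operates in the current working directory)
if [ "$#" -eq 1 ]; then
    reset_workdir "$PWD" "$1" || exit $?
fi
```

To exercise the failure branch as an unprivileged user, test against a parent directory that user cannot write to, or a root-owned directory that is not empty; an empty root-owned directory inside a directory the user owns will be removed.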