rmdir syscall does not check dir permissions
Asked by
Andrii Shestakov
Hello
In case when user has no permissions to read directory it is still possible to get know is that directory empty or not.
Steps to reproduce:
mkdir -p 1 2/3
chmod -rwx 1 2
ls -l 1
ls: cannot open directory '1': Permission denied
ls -l 2
ls: cannot open directory '2': Permission denied
rmdir 1
rmdir 2
rmdir: failed to remove '2': Directory not empty
It is not possible to get directory content nor delete it if not empty. But possible to get weather it is empty or not.
Could it be security bug which should be fixed or it is completely expected behavior?
Thanks
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Andrii Shestakov for more information if necessary.
To post a message you must log in.