Bug #16002
Updated by SouravGoswami (Sourav Goswami) over 5 years ago
Well, on Linux Kernel 4.19+ the he fs.protected_regular and fs.protected_fifos sysctls were introduced in order to make some data spoofing attacks harder. https://github.com/systemd/systemd/blob/03b6fa0c5b51b0d39334ff6ba183a3391443bcf6/NEWS#L53 If it's enabled (and it's true by default), then if you: 1. cd /tmp 2. touch file 3. chmod 666 file # Switch to any user, but let's use root for example 4. su root 5. irb In irb: ``` ┌┄┄[root::archlinux]┈[/tmp] └──╼⮚ irb irb(main):001:0> File.writable?('ruby.rb') => true irb(main):002:0> File.stat('ruby.rb') => #<File::Stat dev=0x2d, ino=819138, mode=0100644, nlink=1, uid=1000, gid=1000, rdev=0x0, size=0, blksize=4096, blocks=0, atime=2019-07-14 04:44:13 +0530, mtime=2019-07-14 04:44:13 +0530, ctime=2019-07-14 04:44:13 +0530> irb(main):003:0> File.write('ruby.rb', '#!/usr/bin/ruby -w') Traceback (most recent call last): 3: from /root/.irb:351:in `<main>' 2: from (irb):3 1: from (irb):3:in `write' Errno::EACCES (Permission denied @ rb_sysopen - ruby.rb) irb(main):004:0> ``` Screenshots: https://imgur.com/tB4T5Jl https://imgur.com/hzc5s27 Here's a stackoverflow post: https://stackoverflow.com/a/57030460/11089758 And the same behaviour is seen in editors like nano, vi, atom, geany, code, mousepad editors. Now as Ruby's File.writable?(str) checks for the permissions, permission, it returns true. The problem can be solved with `sysctl fs.protected_regular=0`. But the issue is that File.writable?('/tmp/file') should return false if fs.protected_regular is 1 and the user is not the owner? of the file if the directory is /tmp/ on Linux. file.