Subject: Re: [gentoo-dev] Requirements for UID/GID management
From: Alan McKinnon
To: gentoo-dev@lists.gentoo.org
Date: Mon, 30 Jan 2017 00:30:06 +0200
Message-ID: <616a4068-8581-bce6-3359-50b1ff5a817d@gmail.com>
In-Reply-To: <495556ab-637c-6b21-fac0-52d3bd1e4986@gentoo.org>

On 30/01/2017 00:20, Michael Orlitzky wrote:
> On 01/29/2017 05:07 PM, Alan McKinnon wrote:
>>
>> Sure it can be done, just don't chown -R ~user. DO it the VERY
>> long way round, file by file.
>> Say you changed user "awesome" uid 300 to 400:
>>
>> find / -uid 300 -exec chown awesome {} \+
>>
>
> That will find symlinks created by UID 300, and chown will follow them
> to give "awesome" ownership of the TARGET of the symlink; an easy root
> exploit. If you are about to suggest "find -type f" or the
> "--no-dereference" flag, then beware that chown will also follow
> hardlinks and you're still screwed (albeit limited to one filesystem,
> and on vanilla kernels).
>

Good catch with symlinks. I don't see the point about hardlinks, they are just files with 2 dentries. When find gets to the second one it's already changed, so no problem.

But I'm sure there are plenty of edge case scenarios that make this whole process go awry, all pointing to the same conclusion: As a dev you shouldn't even try. Let the sysadmin deal with it. If a system user already has a UID different to the published standard, leave it alone, it's a human's problem.

-- 
Alan McKinnon
alan.mckinnon@gmail.com
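As an added example (not from the thread or from Gentoo), a shell audit of what the `find -uid ... -exec chown` sweep discussed above would really modify, plus the non-dereferencing variant. The helper names `audit_uid_paths`, `count_escaping_symlinks` and `renumber_uid` are assumptions; it relies on GNU-style `find`, `readlink -f` and `chown -h`.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed helper names: audit_uid_paths,
# count_escaping_symlinks, renumber_uid. Needs GNU-style find/readlink/chown.

# Print one line per path under ROOT owned by OLD_UID:
#   "file <path> -> <path>"  or  "symlink <link> -> <what a dereferencing chown modifies>"
# A plain `chown USER link` follows the link, so the right-hand side is the real victim.
audit_uid_paths() {
    root=$1; old_uid=$2
    find "$root" -xdev -uid "$old_uid" | while IFS= read -r p; do
        if [ -L "$p" ]; then
            target=$(readlink -f -- "$p" 2>/dev/null || printf '%s' "$p")
            printf 'symlink %s -> %s\n' "$p" "$target"
        else
            printf 'file %s -> %s\n' "$p" "$p"
        fi
    done
}

# Count symlinks owned by OLD_UID whose resolved target lies outside ROOT:
# these are the links that let a careless sweep reach files the user never owned.
count_escaping_symlinks() {
    root=$(readlink -f -- "$1"); old_uid=$2
    find "$root" -xdev -uid "$old_uid" -type l -exec readlink -f -- {} \; 2>/dev/null \
        | awk -v root="$root/" 'index($0, root) != 1 { n++ } END { print n + 0 }'
}

# Renumber without following links: -h (POSIX) makes chown change the symlink's
# own owner (lchown) instead of its target's; -xdev keeps the sweep on one filesystem.
renumber_uid() {
    root=$1; old_uid=$2; new_user=$3
    find "$root" -xdev -uid "$old_uid" -exec chown -h "$new_user" {} +
}
```

Run the audit first and review any "symlink" line whose target leaves the tree before letting `renumber_uid` touch anything.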