[clue-tech] Filesystem quotas circumvented
Keith Hellman
khellman at mcprogramming.com
Tue Jan 18 17:18:40 MST 2005
On Tue, Jan 18, 2005 at 05:31:17PM -0500, Angelo Bertolli wrote:
> Greg Knaddison wrote:
>
> >On Tue, 18 Jan 2005 15:16:03 -0500, Angelo Bertolli
> >
> >
> >>So today I tried to do this (as user angelo):
> >>
> >>cd /
> >>sudo ls -lhRt > ~/lsr
> >>
> >>
> >>
> >
> >What happens if you remove the sudo?
> >
> >Basically I think that the sudo is over-riding your quota (just a
> >guess). If you are using sudo to get around permissions errors, why
> >not do something else that will produce great volumes, like
> >
> >
> >
> Apparently, it does have something to do with root
>
> [angelo at web1 angelo]$ yes > ~/tmp
> ide0(3,2): warning, user block quota exceeded.
> ide0(3,2): write failed, user block limit reached.
> yes: standard output: Disk quota exceeded
>
> [angelo at web1 angelo]$ sudo yes > ~/tmp
> [angelo at web1 angelo]$
> [angelo at web1 angelo]$ quota
> Disk quotas for user angelo (uid 635):
> Filesystem blocks quota limit grace files quota
> limit grace
> /dev/hda2 161476* 100000 150000 353 10000 15000
>
> However, the file created is owned by angelo
>
> I thought sudo should only apply to the command in question, for example:
>
> [angelo at web1 angelo]$ yes > /root/tmp
> bash: /root/tmp: Permission denied
> [angelo at web1 angelo]$ sudo yes > /root/tmp
> bash: /root/tmp: Permission denied
>
> Does anyone know the finer details on why this is the case?
>
I believe the difference is that
$cd /
$sudo ls -lhRt ~/lsr
creates a file owned by angelo (indeed, it is created and connected to
the child (about-to-exec-sudo) process while still having a uid of
angelo.
But, the process *writing* into ~/lsr has an effective user id of root
(it is the sudo binary). My guess is that it is the process uid & gid
that quota is considering, not the file owner's (angelo's) quota limits.
I believe this explains most of the behaviour so far:
- the initial query
- why the $yes >~/tmp is quota impaired as expected (because the 'yes'
process is uid=angelo)
- why the
$yes >/root/tmp
and the
$sudo yes >/root/tmp
had permission denied (it is still angelo's shell trying to open up
/root/tmp in both invokations, and presumably angelo doesn't have
permission to create /root/tmp). In the latter case I suspect 'sudo'
was never even execd.
What I don't quite understand is why the
$sudo yes > ~/tmp
(immediately following the $yes > ~/tmp ) didn't show a disk full error.
Was some output omitted? Was the process CTRL-C terminated? Certainly
the 'sudo yes' wrote something to the file because the shell would have
recreated and thereby truncated (the too big) ~/tmp because the
invokation is 'sudo yes > ~/tmp' not 'sudo yes >> ~/tmp'. I'm confused
why this particular invokation a) apparently respected angelo's quota
limitations whereas the original invokation did not, and b) doesn't display
sometype of terminal message (disk full or CTRL-C).
My 2c
--
Keith Hellman #include <disclaimer.h>
khellman at mcprogramming.com from disclaimer import standard
public key @ www.mcprogramming.com
"I like long walks, especially when they are taken by people who annoy
me."
-- Noel Coward
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://cluedenver.org/pipermail/clue-tech/attachments/20050119/7299471f/attachment.bin
More information about the clue-tech
mailing list