[Yaffs] Permission denied when non-root

Charles Manning Charles.Manning@trimble.co.nz
Mon, 7 Feb 2005 12:20:30 +1300


Do people prefer this the way it is or should the default permissions be
changed?

The way I see it, the current setup is perhaps more secure by default
(i.e. the permissions can be opened up after mount, in a controlled way).

Whatever people prefer, I'm happy with.

-- Charles




> -----Original Message-----
> From: yaffs-admin@stoneboat.aleph1.co.uk
> [mailto:yaffs-admin@stoneboat.aleph1.co.uk] On Behalf Of Luc
> Van Oostenryck
> Sent: Monday, 7 February 2005 2:24 a.m.
> To: yaffs@stoneboat.aleph1.co.uk
> Subject: Re: [Yaffs] Permission denied when non-root
>
>
> Karl Olsen wrote:
> > Hello all,
> >
> > I am having a problem with switching to a non-root user on my
> > AT91RM9200-based ARM system.  I am using Linux 2.6.10 with the
> > AT91RM9200 patch from http://maxim.org.za/AT91RM9200/2.6/ (fixed so
> > that NAND support works) and the Yaffs patches by Frank Rowand, and a
> > statically linked Busybox 1.00.  / is on a Yaffs partition.
> >
> > # mount
> > /dev/mtdblock1 on / type yaffs (rw,noatime)
> > /dev/mtdblock0 on /boot type yaffs (ro,noatime)
> > none on /proc type proc (rw,nodiratime)
> >
> > Everything works fine when I'm root, and I can run Busybox commands
> > and read and write files.  But when I do a "su karl" it says:
> >
> > / # su karl
> > su: cannot run /bin/sh: Permission denied
> >
> > /etc/passwd contains:
> > root:x:0:0:root:/root:/bin/sh
> > karl:x:500:100:KarlOlsen:/home/karl:/bin/sh
> >
> > # ls -l -d /bin
> > drwxr-xr-x    1 root     root          512 Jan  1 00:00 bin
> >
> > /bin/sh is a symlink pointing to /bin/busybox:
> > -rwxrwxrwx    1 root     root       438260 Jan  1 00:00 busybox
> >
> > I have tried replacing /bin/sh in /etc/passwd with other commands, but
> > I always get the Permission denied.  The Busybox source shows that it
> > successfully changes identity to uid=500 and gid=100 and cd's to my
> > home directory but fails at the execv() that tried to run /bin/sh.
> >
> > I tried the same with an initrd with romfs, and with that, it worked.
> > But romfs doesn't seem to implement uid and gid for its
> > files/directories.
> >
> > Does anybody know if this problem can be related to Yaffs?  Does the
> > Yaffs filesystem have (hidden) mount options that can deny execution
> > for non-root?
>
> Yes and no, the default permissions for yaffs root directory
> is 0666 thus the directory is not accessible for non root.
> Changing the permissions of the root dir to 0777 (or better
> to 0755) cures the problem until the next reboot.
>
> The following patch solves the problem permanently:
> ----
> diff -r1.14 yportenv.h
> 102c102
> < #define YAFFS_ROOT_MODE                               0666
> ---
> > #define YAFFS_ROOT_MODE                               0755
> ----
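
Review bot: the replacement value on line 102 of yportenv.h should carry a comment stating that YAFFS_ROOT_MODE is the mode of a directory, so the execute bits are search permission and must be set for anyone who has to traverse the mount. As written, nothing stops the literal from being reset to a file-style mode such as the old 0666. 0755 is also the tighter of the two values the message mentions, since 0777 would leave the root directory world-writable; saying so in the comment would record why it was picked. A unified diff (diff -u) would be easier to apply than this context-free 102c102 form if the header has moved on from revision 1.14.
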
>
> > Regards,
> > Karl Olsen
>
>
> Luc Van Oostenryck
>
>
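
The failure discussed in this thread comes down to search (execute) permission on every directory above the file being executed. The sketch below is an added example, not part of the original messages or of the YAFFS or Busybox source: `FakeStat`, `may_search`, `first_blocked` and the `BEFORE`/`AFTER` tables are hypothetical names and constructed data mirroring the modes quoted above, and the check covers only classic owner/group/other bits (no ACLs or security modules).

```python
import os
import stat
from collections import namedtuple

# Constructed stand-in for os.stat() results, so the demo runs without a YAFFS mount.
FakeStat = namedtuple("FakeStat", "st_mode st_uid st_gid")

def may_search(st, uid, gids):
    """True if uid/gids may traverse (search) the directory described by st."""
    if uid == 0:
        return True  # simplification: root passes directory search checks
    if st.st_uid == uid:
        bit = stat.S_IXUSR   # owner class applies even if group/other allow more
    elif st.st_gid in gids:
        bit = stat.S_IXGRP
    else:
        bit = stat.S_IXOTH
    return bool(st.st_mode & bit)

def first_blocked(path, uid, gids, stat_fn=os.stat):
    """Return the first ancestor directory of path that uid cannot search, or None."""
    current = "/"
    parts = [p for p in os.path.abspath(path).split("/") if p]
    for part in [""] + parts[:-1]:   # every directory above the final component
        current = os.path.join(current, part)
        if not may_search(stat_fn(current), uid, gids):
            return current
    return None

# Constructed tables: root directory 0666 as reported, then 0755 as proposed.
BEFORE = {"/": FakeStat(stat.S_IFDIR | 0o666, 0, 0),
          "/bin": FakeStat(stat.S_IFDIR | 0o755, 0, 0)}
AFTER = dict(BEFORE, **{"/": FakeStat(stat.S_IFDIR | 0o755, 0, 0)})

if __name__ == "__main__":
    for label, table in (("root dir 0666", BEFORE), ("root dir 0755", AFTER)):
        for uid, gids in ((0, {0}), (500, {100})):
            blocked = first_blocked("/bin/busybox", uid, gids, table.__getitem__)
            print(f"{label}: uid {uid} blocked at {blocked}")
```

Called with the default `stat_fn`, `first_blocked` inspects the live filesystem instead of the constructed tables.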