On my machine, the umask for root makes it so that pokeball is not readable by world.
The last command, "cat pokeball" will fail lacking permission.
So the test should include a "chmod 0404 pokeball". dirtyc0w.c does it.
Also. The exploit seems to depend on the user having read access to the file. From a user session, I was looping "./d pokeball miltank" repeatedly and in a root session, cat-ing the file and it never changed to miltank.
On my machine, the umask for root makes it so that pokeball is not readable by world. The last command, "cat pokeball" will fail lacking permission.
So the test should include a "chmod 0404 pokeball". dirtyc0w.c does it.
Also. The exploit seems to depend on the user having read access to the file. From a user session, I was looping "./d pokeball miltank" repeatedly and in a root session, cat-ing the file and it never changed to miltank.