search

ish-app / ish

Linux shell for iOS
https://ish.app
Other
16.36k stars 858 forks source link

Non-root users can change modes for root-owned files and directories #2197

Open hello-smile6 opened 10 months ago

hello-smile6 commented 10 months ago

For some reason, non-root users can change modes on files and directories owned by root (e.g. /root).

Steps to reproduce

  1. Open iSH
  2. Check ls -lahd /root
  3. Add a new user nonroot.
  4. Do su nonroot -c "chmod o+rx /root"
  5. Check ls -lahd /root again.

    Full test

    ls -lahd /root
adduser -S -D -H nonroot
su nonroot -c "chmod o+rx /root"
ls -lahd /root
deluser nonroot
hello-smile6 commented 10 months ago

It seems like the same issue exists for chown.

freebrowser1 commented 10 months ago

Maybe because this is a prooted / chrooted Linux running inside iOS like Andronix / Termux on Android ?

hello-smile6 commented 10 months ago

@freebrowser1 iSH emulates kernel things, so that shouldn't be the case.