Bug 145264

Summary: /var/lock has wrong permissions
Product: [Fedora] Fedora Reporter: Jonathan Scott Duff <duff>
Component: lockdevAssignee: Karel Zak <kzak>
Status: CLOSED CANTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-09-08 10:34:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jonathan Scott Duff 2005-01-16 06:28:16 UTC 
Description of problem:

The /var/lock directory created by the lockdev RPM has permissions
that allow multiple users to attempt access to the same device.  

This is how I found the problem: 
1. login as user A, run minicom modem
2. login as user B on the same machine but on a different terminal,
run minicom modem
  
Any device will do however.

Actual results:

Both user A and user B have access to the modem device in a
competitive sort of way

Expected results:

User B should be denied access. minicom modem for user B should return
"operation not permitted"

Additional info:

I'm not quite sure of my diagnosis, but I do know that when I changed
the permissions of /var/lock to 1775 rather than 0775, the problem
went away.
Comment 1 Karel Zak 2005-02-18 14:05:05 UTC 
The directory /var/lock is write-able for root and group 'lock'. Everyone who
can work with locks need to access to locks created by other processes and
users. You need to remove foreign lock if the original process doesn't exist.

- process A create lock
- process A crash and the lock file is still there
- process B detect that there is lock, but owner of lock doesn't running
- process B remove old lock and creates new one with own PID

See: http://www.pathname.com/fhs/pub/fhs-2.3.html