[Bug 1051901] Re: Files hardlinked to others may be set to zero size

Matthias Klose doko at ubuntu.com
Mon Sep 17 10:58:13 UTC 2012


** Package changed: bash (Ubuntu) => ubuntu

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1051901

Title:
  Files hardlinked to others may be set to zero size

Status in Ubuntu:
  New

Bug description:
  Install Ubuntu 12.04, then upgrade to the latest kernel-image. Create
  a filesystem like:

  mkdir orig

  move various picture files into "orig", then do

  ln orig/* .

  now you'll have a directory with the original files in "orig" and
  hardlinked copies in "."

  Next start up digikam, work on these hardlinked pictures: change them,
  add or delete comments, upload them ...

  Next step: run

  find . -size 0

  You'll find all pictures you've worked on in "orig" to show up with
  size 0!

  The original data contained in these is lost. No recover. The files
  are actually of zero size! It is not only digicam, but others to: as
  soon as a file is read, and then overwritten, all not opened
  hardlinked files show zero size. Only the one file you've opened keeps
  its size and holds data.

  I've found this behaviour with:
  - digikam
  - rsync
  - kate

  I am assuming the kernel not korrectly handling hardlinks under
  certain circumstances.

  Only possible workaround at the moment: do not use hardlinks! Copy
  files!

  The bug may be used to zero out configuration files and, if they are
  empty gain access to things no access was granted, if you do

  ln /etc/configfile /home/user/configfile

  then work on /home/user/configfile. /etc/configfile will, after this
  operation, have size 0 and hold nothing. It is at least possible to
  use it for denial of service, if services depend on configfiles and do
  not accept empty ones.

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: bash 4.2-2ubuntu2
  Uname: Linux 3.4.10 x86_64
  ApportVersion: 2.0.1-0ubuntu13
  Architecture: amd64
  Date: Mon Sep 17 12:29:14 2012
  InstallationMedia: Xubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
  ProcEnviron:
   LANGUAGE=de_DE:en
   TERM=screen-bce
   PATH=(custom, user)
   LANG=de_DE.UTF-8
   SHELL=/bin/bash
  SourcePackage: bash
  UpgradeStatus: Upgraded to precise on 2012-07-16 (62 days ago)
  modified.conffile..etc.bash.bashrc: [modified]
  modified.conffile..etc.skel..bashrc: [modified]
  mtime.conffile..etc.bash.bashrc: 2012-07-16T19:54:47.049684
  mtime.conffile..etc.skel..bashrc: 2012-07-16T19:42:08.188571

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1051901/+subscriptions




More information about the foundations-bugs mailing list