compsize icon indicating copy to clipboard operation
compsize copied to clipboard
verified publisher icon kilobyte

Setuid root?

Open jbosboom opened this issue 4 years ago • 3 comments

Could compsize be made safe to be setuid root, so that unprivileged users can check the compression of files they can read?

jbosboom avatar Apr 29 '21 07:04 jbosboom

Was there any consideration to this issue?

biggestsonicfan avatar Jul 16 '23 22:07 biggestsonicfan

I started writing a setuid helper that passes the call, but I then realized it can be much better done in the kernel, solving both permissions and performance problems.

BTRFS_IOC_TREE_SEARCH_V2 is a powerful tool, but ill-fitting for this purpose. Having an additional simple ioctl to fetch extents just for a file would be best.

kilobyte avatar Jul 17 '23 00:07 kilobyte

So basically is it safe to sudo chmod u+s /usr/bin/compsize ?

Or it would allow malicious software to get privilege escalation?

Mart-Bogdan avatar Oct 16 '23 13:10 Mart-Bogdan