I'm using a script that creates file systems for specific users. One of the last operations of the script is a chown -R of the mount point to the user. This has the side effect to make the user the owner of the lost+found directory. Is this a problem? I suppose fsck will be able to use the directory anyway but this could have other issues (access to recovered files, etc...)?
Asked
Active
Viewed 5,225 times
3
xenoid
- 8,648
- 1
- 24
- 47
2 Answers
2
fsck can use the directory, it doesn’t appear to care about its ownership (at least, e2fsck doesn’t...). (In case it’s not obvious, fsck operates on file systems directly, so the operating system’s controls on file access don’t apply. All fsck needs is to be able to read and write to the device or file containing the file system.)
As you surmise the owner of the directory can at least view its content’s metadata (not that this is all that useful since the names are lost); the traditional root ownership of lost+found ensures that only system administrators can see what files are in there, and delete files from lost+found. Files which are linked into lost+found preserve their own ownership and permissions, so their contents are protected as appropriate. Furthermore since these are user-specific file systems, presumably they have access to all their contents anyway, so exposing file metadata in lost+found doesn’t change the security profile of the system.
Stephen Kitt
- 411,918
- 54
- 1,065
- 1,164
-
is there any issue if a user put some files into this folder since a user now has access to it? – Afriza N. Arief Nov 19 '18 at 02:50
0
The only user who really needs access to the lost+found directory is the user that runs fsck. Since that's usually done with root permissions, it shouldn't really make a difference if ownership is changed to a non-root user.
Probably the only thing it will change is that the non-root user will be able to read and write in the lost+found directory. This is normally restricted to users with elevated privileges. However, I don't know whether files will inherit permissions from the directory such that a non-root user will be able to read any files created by a fsck process running as root that are deposited in that directory.
Tim Kennedy
- 19,369
- 4
- 38
- 58
-
1The user running `fsck` doesn’t even need access to `lost+found`, only to the device owning the file system. – Stephen Kitt Sep 24 '18 at 13:48
-
interesting. I didn't know it was device level access only required. – Tim Kennedy Sep 24 '18 at 13:49