On Nov 20, 2007 1:46 PM, Les <hlhowell@xxxxxxxxxxx> wrote: > HI, Dave, > This is a "lock" file, used to prevent multiple access to another file. Thanks Les, but 'what is it?' was not the question. Why would a lock file need to have world execute permissions, owner (root) read/write, and SUID bit set? Harmless mistake? Sinister sneakiness? World executable, owned by root, setuid, sounds pretty fishy. The only thing that prevents me from panicking already is that the file is empty. But I've heard of stranger things than this leaving a backdoor open. I just shut down haldaemon, erased the lock file, and restarted haldaemon, and now it is world-readable, root executable, and with the t-bit set, which I don't remember what it means. Maybe haldaemon uses the permissions as a sort of semaphore? Doesn't seem broken - yet. #[root@linoleum archive]# ls -la /media/.hal-mtab-lock ---x---r-t 1 root root 0 Nov 20 15:27 /media/.hal-mtab-lock Dave > When the other file [snip] > > > > #ls -la /media/.hal-mtab-lock > > -rwS-----x 1 root root 0 Jun 25 12:44 /media/.hal-mtab-lock > > > > # file /media/.hal-mtab-lock > > /media/.hal-mtab-lock: setuid empty > > > > I find this strange. By googling I get the impression it is a valid > > hald file, but why the weird permissions?
