File protection mystery

Hal Murray hmurray at megapathdsl.net
Tue Jan 2 22:01:00 UTC 2018


I've been experimenting with running ntpd as setuid ntp.

I can't figure out how it is reading my keys file.


-r--------. 1 root root 1072 Oct  5  2015 /etc/ntp/ntpkey_MD5key_deb2.example.com.3653024474
lrwxrwxrwx. 1 root root   41 Dec  3  2016 /etc/ntp/ntp.keys -> ntpkey_MD5key_deb2.example.com.3653024474

That should be readable only by root, right?


-rwsr-sr-x 1 ntp ntp 1413728 Dec 31 00:18 /usr/local/sbin/ntpd

That should run as user ntp, right?

 2 Jan 13:52:54 ntpd[12368]: AUTH: authreadkeys: reading /etc/ntp/ntp.keys
 2 Jan 13:52:54 ntpd[12368]: AUTH: authreadkeys: added 20 keys

My start scripts still contain -u ntp:ntp, but when started by hand without 
that, it ends up running as ntp.

Can anybody explain how this is "working"?


-- 
These are my opinions.  I hate spam.




