tmpfs: Deleted files keep reappearing
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
I am trying to do a number of compilations, including bisects, etc. As part of the process I delete all the files from a compilation so that everything is nice and clean. However, some of these files keep reappearing!
In this case I am bisecting Wine. To help I added an ltrace to the Wine shell script...
I am compiling to /tmp/wine.
/tmp is a tmpfs mount.
I added ltrace to /tmp/wine/
exec ltrace "$WINELOADER" "$@"
I have then deleted everything in this directory (multiple times).
When attempting to access /tmp/wine/
I then run a compilation.
On checking /tmp/wine/
exec ltrace "$WINELOADER" "$@"
I thought it might just be bash, but I checked with Pluma and this file contains ltrace – data I have deleted multiple times and should have been overwritten.
I tried multiple "sync"s and dropping the caches, but it makes no difference.
Why does this data keep reappearing? Why can't I delete a file? What kind of madness is this?
There are no words for just how bad this is. In particular: this is definitely a security issue.
If a user deletes a file, all I have to do is recreate a file with the same name and I have access to all that user's data.
I've spent hours bisecting, but it turns out I cannot trust any of the results as I have no guarantee that any of the files have actually changed.
I haven't checked the upstream kernel yet, but I am aware that this is required. It could take many hours.
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: linux-image-
ProcVersionSign
Uname: Linux 5.15.0-76-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/
/dev/snd/
/dev/snd/pcmC1D7p: ken 8889 F...m pulseaudio
CasperMD5CheckR
CurrentDesktop: MATE
Date: Sat Jul 15 06:32:07 2023
MachineType: LENOVO 0606AD5
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=
RelatedPackageV
linux-
linux-
linux-firmware 20220329.
RfKill:
SourcePackage: linux
UpgradeStatus: Upgraded to jammy on 2022-09-26 (291 days ago)
dmi.bios.date: 12/15/2016
dmi.bios.release: 0.60
dmi.bios.vendor: LENOVO
dmi.bios.version: A0KT60AUS
dmi.board.
dmi.board.name: LENOVO
dmi.board.vendor: LENOVO
dmi.board.version: NONE
dmi.chassis.type: 7
dmi.chassis.vendor: LENOVO
dmi.chassis.
dmi.modalias: dmi:bvnLENOVO:
dmi.product.family: To be filled by O.E.M.
dmi.product.name: 0606AD5
dmi.product.sku: LENOVO_BI_A0
dmi.product.
dmi.sys.vendor: LENOVO
modified.
mtime.conffile.
description: | updated |
information type: | Private Security → Public Security |
Thanks for reporting this issue.
Can I make this bug public?
Do you have a simple way of reproducing this issue?