Title. Long,short story: creating or editing files with nano as my non-root user gives (the file) elevated privileges, like I have ran it w/ sudo or as root. And the (only) “security hole” that I can think of is a nextdns docker container running as root. That aside, its very “overkill” security-wise (cap_drop=ALL, non-root image, security_opt=no_new_privileges, etc.).

It’s like someone tried to hack me but gave up halfway. Am I right or wrong to assume this? Just curious.

Thanks in advance.

  • Kid_Thunder
    link
    fedilink
    4
    edit-2
    1 year ago

    The directory you are creating your files in likely is set to immutable or append only.

    lsattr -d /path/to/directory

    if you see i or a, then that’s the issue.

    You can remove them with
    sudo chattr -i /path/to/dir #removes immutable
    sudo chattr -a /path/to/dir #removes append only

    Same goes for files but if it happens to all files in a directory, then that is probably it.