Hello!
I am new on this list and thoroughly searched the FAQ, the archives and
the web for this question, but couldn't find anything.
We wondererd why setting the guid bit on a directory makes all new files
owned by the group of the directory, but this does not work for the suid
bit, making new files owned by the owner of the directory.
It would be a good solution to make files created by Apaches mod_php in
safe-mode, not owned by web:web (or httpd:httpd or somethign) anymore, but
the Owner of the directory.
I do not even see a security hole if nobody other than the user itself and
httpd/web can reach this area in the file system, anyway. And it is still
the users decision that files in this (his) directory should belong to
him.
It seems, this has to be patched for each file system separately, right?
For example in linux/fs/ext2/ialloc.c.
Actually, the suid bit on directories works at least under FreeBSD. Is
there any reason, why it does not work under Linux?
Thanks
Michael
-- Hostsharing eG / c/o Michael Hönnig / Boytinstr. 10 / D-22143 Hamburg phone:+49/40/67581419 / mobile:+49/177/3787491 / fax:++49/40/67581426 http://www.hostsharing.net ---> Webhosting Spielregeln selbst gemacht - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:16 EST