Re: Horribly Mistimed complaint about fs/open.c:chown_common()

Miquel van Smoorenburg (miquels@cistron.nl)
17 Oct 1998 14:28:33 +0200


In article <cistron.199810161242.IAA05952@barnacle.cdtelecom.com>,
Majdi Abbas <abbas@cdtelecom.com> wrote:
>Andreas Barth wrote:
>| Yes, it does. Anyone who is allowed to create files in that directory can
>| quite easily start a sgid-program to get membership of the group.
>
> Presumably one does not make restricted-access directories world
>writable; if they are group writable, to write to them you already have to
>be in the group.

If the setgid bit on a directory is on, all files created there will be
owned by the group of the directory. Under BSD, this behaviour is even
standard without the setgid bit.

But, even if you are the owner of a file, you should not be able to
turn on the setgid bit on that file unless you are also a member of that group.

% cd /tmp
% ls -ld .
drwxrwsrwt 3 root bin 1024 Oct 17 14:29 ./
% touch foo
% chmod 2755 foo
% ls -l foo
-rwxr-xr-x 1 miquels bin 0 Oct 17 14:29 foo*

See? I cannot turn on the setgid bit.

But the inconsistency is:

% mkdir bar
% ls -ld bar
drwxrwsr-x 2 miquels bin 1024 Oct 17 14:30 bar/

Setgid bit is now on, but:

% chmod 2755 bar
% ls -ld bar
drwxr-xr-x 2 miquels bin 1024 Oct 17 14:30 bar/

I cannot turn the setgid bit on anymore ..

Mike.

-- 
  "Did I ever tell you about the illusion of free will?"
    -- Sheriff Lucas Buck, ultimate BOFH.
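
Added example, not part of the original message: in the sessions above chmod returns without an error while the setgid bit is silently left off, so a script that sets up a group-owned file or directory should check the resulting mode rather than the exit status. The function names and the temporary paths are made up for this illustration.

```shell
#!/bin/sh
# Illustrative helper (not from the original thread): apply a mode with chmod
# and verify that the setgid bit really is set afterwards.

# Numeric group owner of a path: fourth field of `ls -ldn`.
path_gid() {
    ls -ldn "$1" | awk '{ print $4 }'
}

# Succeeds if the caller's effective or supplementary groups include gid $1.
caller_in_group() {
    for g in $(id -G); do
        [ "$g" = "$1" ] && return 0
    done
    return 1
}

# chmod_setgid MODE PATH
#   returns 0  setgid is set after chmod
#           1  chmod itself failed
#           2  chmod succeeded but the setgid bit is not set
chmod_setgid() {
    chmod "$1" "$2" || return 1
    [ -g "$2" ] && return 0
    gid=$(path_gid "$2")
    if caller_in_group "$gid"; then
        echo "setgid missing on $2 although caller is in group $gid" >&2
    else
        echo "setgid dropped on $2: caller is not in group $gid" >&2
    fi
    return 2
}

# Constructed demo: a scratch file that is forced into the caller's own group,
# the case in which the bit is expected to stick.
demo() {
    d=$(mktemp -d) || return 1
    touch "$d/foo"
    chgrp "$(id -g)" "$d/foo"
    rc=0
    chmod_setgid 2755 "$d/foo" || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Return code 2 is the case shown in the message: the file or directory belongs to a group the caller is not in, and chmod reports success anyway.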
