Re: Small security bug with misconfigured access rights

From: Jordan Russell (jr-list-kernel@quo.to)
Date: Wed Nov 28 2001 - 13:03:20 EST


Giuliano Pochini wrote:
> Well, I don't know if it is really a bug.
>
> Create a directory like this:
>
> # ls -la
> total 12
> drwxr-sr-x 2 pochini root 4096 Nov 28 16:33 .
> drwxr-xr-x 32 pochini users 8192 Nov 28 16:25 ..
>
> Sgid bit is set and the directory is owned by me and the
> group is root (yes, it shouldn't be).
>
> When I create a file here, it gets the root group even
> if I don't belong to it.

That's the correct behavior. Quoting "man mount":

       grpid or bsdgroups / nogrpid or sysvgroups
              These options define what group id a newly created file
gets. When
              grpid is set, it takes the group id of the directory in
which it is
              created; otherwise (the default) it takes the fsgid of the
current pro-
              cess, unless the directory has the setgid bit set, in
which case it
              takes the gid from the parent directory, and also gets the
setgid bit
              set if it is a directory itself.

Jordan Russell

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Fri Nov 30 2001 - 21:00:31 EST