Re: suid bit on directories

From: Cedric Ware (cedric.ware@enst.fr)
Date: Sat May 18 2002 - 03:52:52 EST


> I do not even see a security hole if nobody other than the user itself and
> httpd/web can reach this area in the file system, anyway. And it is still
> the users decision that files in this (his) directory should belong to
> him.

I guess it is considered a security hole if a user can create files not
belonging to him.

> Actually, the suid bit on directories works at least under FreeBSD. Is

Not under 4.x (nor OpenBSD 2.9); or did I do anything wrong?

krakatoa ~ % uname -a
FreeBSD krakatoa.tectonics 4.5-STABLE FreeBSD 4.5-STABLE #13: Thu Mar 28 01:12:06 CET 2002 ware@krakatoa.tectonics:/local/usr/obj/usr/src/sys/KRAKATOA i386
krakatoa ~ % whoami
ware
krakatoa ~ % cd /tmp
krakatoa /tmp % mkdir xx
krakatoa /tmp % sudo chown root.bin xx
krakatoa /tmp % sudo chmod 6777 xx
krakatoa /tmp % touch xx/yy
krakatoa /tmp % ls -la xx
total 4
drwsrwsrwx 2 root bin 512 May 18 10:47 .
drwxrwxrwt 20 root wheel 3072 May 18 10:47 ..
-rw-r--r-- 1 ware bin 0 May 18 10:47 yy
krakatoa /tmp %

                                                Cheers,
                                                Cedric Ware.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:16 EST