Re: Small security bug with misconfigured access rights

Jordan Russell (jr-list-kernel@quo.to)
Wed, 28 Nov 2001 12:03:20 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andi Kleen: "Re: hiding arp for server farms"
Previous message: watermodem: "USB info for HP-318 Camera"
Maybe in reply to: Giuliano Pochini: "Small security bug with misconfigured access rights"

Giuliano Pochini wrote:
> Well, I don't know if it is really a bug.
>
> Create a directory like this:
>
> # ls -la
> total 12
> drwxr-sr-x 2 pochini root 4096 Nov 28 16:33 .
> drwxr-xr-x 32 pochini users 8192 Nov 28 16:25 ..
>
> Sgid bit is set and the directory is owned by me and the
> group is root (yes, it shouldn't be).
>
> When I create a file here, it gets the root group even
> if I don't belong to it.

That's the correct behavior. Quoting "man mount":

grpid or bsdgroups / nogrpid or sysvgroups
These options define what group id a newly created file
gets. When
grpid is set, it takes the group id of the directory in
which it is
created; otherwise (the default) it takes the fsgid of the
current pro-
cess, unless the directory has the setgid bit set, in
which case it
takes the gid from the parent directory, and also gets the
setgid bit
set if it is a directory itself.

Jordan Russell

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: hiding arp for server farms"
Previous message: watermodem: "USB info for HP-318 Camera"
Maybe in reply to: Giuliano Pochini: "Small security bug with misconfigured access rights"