Re: suid bit on directories

Michael Hoennig (michael@hostsharing.net)
Mon, 20 May 2002 15:24:03 +0200


Hi Jesse,

> The setgid bit on a directory is to support BSD activities. It used to
> be used for mail delivery.

this is actually similar usage to my example:

> > It would be a good solution to make files created by Apaches mod_php
> > in safe-mode, not owned by web:web (or httpd:httpd or somethign)
> > anymore, but the Owner of the directory.
>
> No. You loose the fact that the file was NOT created by the user.

the user in my example above would be wwwrun or httpd - and that does not
make any sense at all! It would make much more sense if the new files
belonged to the owner of the directory, who is the one who owns the
virtual host.

> > I do not even see a security hole if nobody other than the user itself
> > and httpd/web can reach this area in the file system, anyway. And it
> > is still the users decision that files in this (his) directory should
> > belong to him.
>
> 1. users will steal/bypass quota controls

Not in my example - acutally even the other way around.

> 2. Consider what happens if a user creates a file in such a directory
> and it is executable. - since the file is fully owned by a different
> user, it appears to have been created by that user. What protection
> mask is on the file? Can the creator (not owner) make it setuid?
> (nasty worm propagation method)

Again: it depends on the usage. In my case it is the other way around. A
use should know what he is doing if he is setting this flag on a
directory. And making such files suid again, has to be prevented by the
code - that I even mentioned in my first mail on this issue.

> > Actually, the suid bit on directories works at least under FreeBSD. Is
> > there any reason, why it does not work under Linux?
>
> I don't believe it is in the POSIX definition.

I only said, it works under FreeBSD, it is an option there.

Michael

-- 
Hostsharing eG / c/o Michael Hönnig / Boytinstr. 10 / D-22143 Hamburg
phone:+49/40/67581419 / mobile:+49/177/3787491 / fax:++49/40/67581426
http://www.hostsharing.net ---> Webhosting Spielregeln selbst gemacht
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/