Date: Sat, 6 Jul 1996 22:46:19 GMT
From: James Raynard <fqueries@jraynard.demon.co.uk>
To: zach@blizzard.gaffaneys.com
Cc: freebsd-questions@freebsd.org
Subject: Re: What's up with ownership?
Message-ID: <199607062246.WAA03437@jraynard.demon.co.uk>
In-Reply-To: <87n31da1pa.fsf@freebsd.gaffaneys.com> (message from Zach Heilig on 06 Jul 1996 09:36:17 -0500)
> Is there any reason why files I create in /tmp (group owned by bin) are
> also group owned by bin?

This is the normal BSD behaviour. From mkdir(2):-

     The directory's owner ID is set to the process's effective user ID.
     The directory's group ID is set to that of the parent directory in
     which it is created.

> It seems like a security risk to be able to create a file in a random
> world writable directory, and have it created with a gid other than
> one I belong to.

It shouldn't be:-

$ cp /bin/sh /tmp/foo
$ ls -l /tmp/foo
-r-xr-xr-x 1 fqueries wheel 282624 Jul 6 21:58 /tmp/foo
$ chmod g+s /tmp/foo
chmod: /tmp/foo: Operation not permitted

If I change the group ownership of /tmp to 'bin' and try this again, I get

$ chgrp g+s /tmp/foo
chgrp: g+s: illegal group name

(The fqueries user is in the group 'wheel', but not 'bin').

> I remember the old unix behavior when the directory
> had to have the setgid bit on for files/directories created in it be
> have the same gid as the directory.

As far as I know (which isn't usually very far), the "traditional"
SysV behaviour was that any files you created were group-owned by the
group you were in at the time the file was created (your effective
GID, to be precise). On such systems, you could only be in one group
at a time, unlike BSD which allows you to be in up to 16.

The setgid bit is a hack in SVR4 and other Unices to allow both SysV
and BSD behaviours on the same system. By default, they use the SysV
rule; if however the setgid bit is set on a directory, they use the
BSD behaviour and any files created in that directory then have the
same group owner as the directory.

> Are files created in a directory
> supposed to have the same gid as the directory (when the directory
> doesn't have the setgid bit on), or does FreeBSD have a bug?

No bugs, this is how it's meant to work! :-)

--
James Raynard, Edinburgh, Scotland
james@jraynard.demon.co.uk
http://www.freebsd.org/~jraynard/