Date: Sun, 14 Aug 2005 03:01:52 -0300
From: João Carlos Mendes Luís <jonny@jonny.eng.br>
To: Greg Black <gjb@gbch.net>
Cc: hackers@freebsd.org
Subject: Re: File create permissions, what am I missing?
Message-ID: <42FEDE50.8050107@jonny.eng.br>
In-Reply-To: <nospam-1123974717.18305@gecko.gbch.net>
References: <42FD15EA.8050500@jonny.eng.br> <20050812233728.GA22225@odin.ac.hmc.edu> <42FE1781.9050403@jonny.eng.br> <nospam-1123974717.18305@gecko.gbch.net>
Greg Black wrote:
> On 2005-08-13, João Carlos Mendes Luís wrote:
>
>>Brooks Davis wrote:
>>
>>>On BSD systems, the group of a file is always the group of the directory
>>>it is in. This differs from SysV UNIX. The resident grey-beard at work
>>>feels this is a new and annoying behavior. (i.e. it wasn't always this
>>>way. :)
>>
>>So this is expected behavior? Isn't this someway insecure?
>
>
> It is documented behaviour (see open(2) for details). How is it
> insecure?

I don't know how it could be unsecure. Is there any specific reason for it to be different on SYSV and Linux? Or is it just a different choice?

I could not find any vulnerability, but I do not like the idea that a user could create files belonging to a group he himself does not belong to. My first attempt was to mark this file setgid, but the system denies it: It is my file, but I am not in the file's group. That would be too easy. ;-)

Nevertheless, if somebody leaves a directory writeable by anybody, he should know what he's doing. If I could just make /tmp not writeable... ;-)
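The two behaviours discussed in this message (which group a new file receives, and whether its owner may then mark it setgid) can be checked on a given system with a small probe. This is an added example, not part of the original e-mail; the function name `probe_group_semantics` and the labels it returns are made up for illustration.

```python
import os
import stat
import tempfile


def probe_group_semantics(directory):
    """Create a scratch file in `directory`; report its group and the setgid result.

    Hypothetical helper written for this example, not a system or library API.
    """
    egid = os.getegid()
    dir_stat = os.stat(directory)
    fd, path = tempfile.mkstemp(dir=directory)   # created with mode 0600
    os.close(fd)
    try:
        file_gid = os.stat(path).st_gid
        if dir_stat.st_gid == egid:
            rule = "indeterminate"       # both rules give the same group here
        elif file_gid == dir_stat.st_gid:
            rule = "directory-group"     # BSD rule, or a setgid directory elsewhere
        elif file_gid == egid:
            rule = "process-group"       # SysV rule
        else:
            rule = "other"

        # Try to mark our own file setgid, as the poster did.
        try:
            os.chmod(path, 0o600 | stat.S_ISGID)
        except PermissionError:
            setgid = "denied"            # the outcome the poster reports
        else:
            stuck = os.stat(path).st_mode & stat.S_ISGID
            setgid = "set" if stuck else "cleared"   # some kernels drop the bit silently
    finally:
        os.unlink(path)

    return {
        "dir_gid": dir_stat.st_gid,
        "dir_setgid": bool(dir_stat.st_mode & stat.S_ISGID),
        "file_gid": file_gid,
        "egid": egid,
        "owner_in_file_group": file_gid == egid or file_gid in os.getgroups(),
        "rule": rule,
        "setgid": setgid,
    }


if __name__ == "__main__":
    print(probe_group_semantics(tempfile.gettempdir()))
```

Run as an unprivileged user against a world-writable directory such as /tmp, the interesting combination is `rule == "directory-group"` with `owner_in_file_group == False`: the setgid attempt should then come back `denied` or `cleared`, never `set`.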