From owner-freebsd-hackers@FreeBSD.ORG Sun Aug 14 06:03:35 2005
X-Original-To: hackers@freebsd.org
Delivered-To: freebsd-hackers@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E224616A41F
	for ; Sun, 14 Aug 2005 06:03:35 +0000 (GMT)
	(envelope-from jonny@jonny.eng.br)
Received: from coe.ufrj.br (roma.coe.ufrj.br [146.164.53.65])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4EFFE43D45
	for ; Sun, 14 Aug 2005 06:03:33 +0000 (GMT)
	(envelope-from jonny@jonny.eng.br)
Received: from localhost (localhost [127.0.0.1])
	by coe.ufrj.br (Postfix) with ESMTP id 5E5C017004;
	Sun, 14 Aug 2005 03:03:32 -0300 (BRT)
Received: from coe.ufrj.br ([146.164.53.65])
	by localhost (roma.coe.ufrj.br [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 41425-01; Sun, 14 Aug 2005 03:03:28 -0300 (BRT)
Received: from [200.165.119.122] (200165119122.user.veloxzone.com.br [200.165.119.122])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by coe.ufrj.br (Postfix) with ESMTP id 2FA5517002;
	Sun, 14 Aug 2005 03:03:28 -0300 (BRT)
Message-ID: <42FEDE50.8050107@jonny.eng.br>
Date: Sun, 14 Aug 2005 03:01:52 -0300
From: =?UTF-8?B?Sm/Do28gQ2FybG9zIE1lbmRlcyBMdcOtcw==?=
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Greg Black
References: <42FD15EA.8050500@jonny.eng.br> <20050812233728.GA22225@odin.ac.hmc.edu> <42FE1781.9050403@jonny.eng.br>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: amavisd-new at coe.ufrj.br
Cc: hackers@freebsd.org
Subject: Re: File create permissions, what am I missing?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
X-List-Received-Date: Sun, 14 Aug 2005 06:03:36 -0000

Greg Black wrote:
> On 2005-08-13, João Carlos Mendes Luís wrote:
>
>>Brooks Davis wrote:
>>
>>>On BSD systems, the group of a file is always the group of the directory
>>>it is in.  This differs from SysV UNIX.  The resident grey-beard at work
>>>feels this is a new and annoying behavior.  (i.e. it wasn't always this
>>>way. :)
>>
>>So this is expected behavior?  Isn't this someway insecure?
>
>
> It is documented behaviour (see open(2) for details).  How is it
> insecure?

I don't know how it could be insecure.  Is there any specific reason for
it to be different on SYSV and Linux?  Or is it just a different choice?

I could not find any vulnerability, but I do not like the idea that a
user could create files belonging to a group he himself does not belong
to.  My first attempt was to mark this file setgid, but the system
denies it: It is my file, but I am not in the file's group.  That would
be too easy.  ;-)

Nevertheless, if somebody leaves a directory writeable by anybody, he
should know what he's doing.  If I could just make /tmp not
writeable...  ;-)
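
The group assignment discussed in this thread can be checked on a given system with a small probe. This is an added example, not code from the original message or from FreeBSD; the function names, the `grpprobe.XXXXXX` scratch file name and the default `/tmp` target are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum grp_origin { GRP_ERROR = -1, GRP_FROM_DIR, GRP_FROM_PROCESS, GRP_AMBIGUOUS, GRP_OTHER };

/* Pure decision: compare the new file's group with the two candidates. */
enum grp_origin classify(gid_t file_gid, gid_t dir_gid, gid_t egid)
{
    if (file_gid == dir_gid && file_gid == egid) return GRP_AMBIGUOUS;
    if (file_gid == dir_gid) return GRP_FROM_DIR;      /* BSD rule, or a setgid directory */
    if (file_gid == egid) return GRP_FROM_PROCESS;     /* SysV rule */
    return GRP_OTHER;
}

/* Create a scratch file in dir, classify its group, then remove it.
 * If setgid_kept is non-NULL, also report whether setting S_ISGID took effect. */
enum grp_origin probe_group_origin(const char *dir, int *setgid_kept)
{
    char path[4096];
    struct stat ds, fs;
    int fd;
    enum grp_origin r;

    if (snprintf(path, sizeof path, "%s/grpprobe.XXXXXX", dir) >= (int)sizeof path)
        return GRP_ERROR;
    if (stat(dir, &ds) != 0 || (fd = mkstemp(path)) < 0)
        return GRP_ERROR;
    if (fstat(fd, &fs) != 0) { close(fd); unlink(path); return GRP_ERROR; }
    r = classify(fs.st_gid, ds.st_gid, getegid());
    if (setgid_kept) {
        /* The call may fail outright or succeed with the bit dropped, depending on the OS. */
        int rc = fchmod(fd, S_ISGID | 0640);
        *setgid_kept = (rc == 0 && fstat(fd, &fs) == 0 && (fs.st_mode & S_ISGID)) ? 1 : 0;
    }
    close(fd); unlink(path);
    return r;
}

int main(int argc, char **argv)
{
    static const char *names[] = { "directory (BSD rule)", "process egid (SysV rule)",
                                   "ambiguous (dir gid == egid)", "other" };
    int kept = 0;
    enum grp_origin r = probe_group_origin(argc > 1 ? argv[1] : "/tmp", &kept);
    if (r == GRP_ERROR) { perror("probe"); return 1; }
    printf("group taken from: %s; setgid bit kept: %s\n", names[r], kept ? "yes" : "no");
    return 0;
}
```

Run it as an unprivileged user against a directory whose group differs from your effective group; when the two are equal the result is reported as ambiguous.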