From owner-freebsd-questions Sat Jul 6 18:09:02 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id SAA14761 for questions-outgoing; Sat, 6 Jul 1996 18:09:02 -0700 (PDT)
Received: from relay-2.mail.demon.net (disperse.demon.co.uk [158.152.1.77]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id SAA14751 for ; Sat, 6 Jul 1996 18:08:57 -0700 (PDT)
Received: from post.demon.co.uk ([158.152.1.72]) by relay-2.mail.demon.net id af16598; 7 Jul 96 2:08 +0100
Received: from jraynard.demon.co.uk ([158.152.42.77]) by relay-3.mail.demon.net id aa20529; 7 Jul 96 2:01 +0100
Received: (from fqueries@localhost) by jraynard.demon.co.uk (8.6.12/8.6.12) id WAA03437; Sat, 6 Jul 1996 22:46:19 GMT
Date: Sat, 6 Jul 1996 22:46:19 GMT
Message-Id: <199607062246.WAA03437@jraynard.demon.co.uk>
From: James Raynard
To: zach@blizzard.gaffaneys.com
CC: freebsd-questions@freebsd.org
In-reply-to: <87n31da1pa.fsf@freebsd.gaffaneys.com> (message from Zach Heilig on 06 Jul 1996 09:36:17 -0500)
Subject: Re: What's up with ownership?
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> Is there any reason why files I create in /tmp (group owned by bin) are
> also group owned by bin?

This is the normal BSD behaviour. From mkdir(2):-

     The directory's owner ID is set to the process's effective user ID.
     The directory's group ID is set to that of the parent directory in
     which it is created.

> It seems like a security risk to be able to create a file in a random
> world writable directory, and have it created with a gid other than
> one I belong to.

It shouldn't be:-

$ cp /bin/sh /tmp/foo
$ ls -l /tmp/foo
-r-xr-xr-x 1 fqueries wheel 282624 Jul 6 21:58 /tmp/foo
$ chmod g+s /tmp/foo
chmod: /tmp/foo: Operation not permitted

If I change the group ownership of /tmp to 'bin' and try this again, I
get

$ chgrp g+s /tmp/foo
chgrp: g+s: illegal group name

(The fqueries user is in the group 'wheel', but not 'bin').

> I remember the old unix behavior when the directory
> had to have the setgid bit on for files/directories created in it to
> have the same gid as the directory.

As far as I know (which isn't usually very far), the "traditional"
SysV behaviour was that any files you created were group-owned by the
group you were in at the time the file was created (your effective
GID, to be precise). On such systems, you could only be in one group
at a time, unlike BSD which allows you to be in up to 16.

The setgid bit is a hack in SVR4 and other Unices to allow both SysV
and BSD behaviours on the same system. By default, they use the SysV
rule; if however the setgid bit is set on a directory, they use the
BSD behaviour and any files created in that directory then have the
same group owner as the directory.

> Are files created in a directory
> supposed to have the same gid as the directory (when the directory
> doesn't have the setgid bit on), or does FreeBSD have a bug?

No bugs, this is how it's meant to work! :-)

--
James Raynard, Edinburgh, Scotland
james@jraynard.demon.co.uk
http://www.freebsd.org/~jraynard/
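
Added example, not part of the original message: a small probe that creates a file in a scratch directory and reports whether its group came from the parent directory (the BSD rule) or from the creating process's effective GID (the SysV rule), with and without the setgid bit on the directory. The names classify and probe are made up for this example; the result is only conclusive when the account belongs to a supplementary group that differs from its effective GID.

```python
import os
import stat
import tempfile

def classify(file_gid, dir_gid, egid):
    """Name the rule that explains the group of a newly created file."""
    if dir_gid == egid:
        return "indeterminate"  # both rules predict the same group
    if file_gid == dir_gid:
        return "bsd"            # inherited from the parent directory
    if file_gid == egid:
        return "sysv"           # taken from the creating process
    return "unexpected"

def probe(setgid):
    """Create a file in a scratch directory and report the gids involved."""
    egid = os.getegid()
    with tempfile.TemporaryDirectory() as d:
        # Try to give the directory a group other than our effective gid;
        # only then can the two rules be told apart.
        for g in os.getgroups():
            if g != egid:
                try:
                    os.chown(d, -1, g)
                    break
                except OSError:
                    continue
        try:
            os.chmod(d, 0o2700 if setgid else 0o700)
        except PermissionError:
            os.chmod(d, 0o700)  # not in the directory's group: no setgid
        st_dir = os.stat(d)
        path = os.path.join(d, "probe")
        os.close(os.open(path, os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0o600))
        file_gid = os.stat(path).st_gid
    return {
        "egid": egid,
        "dir_gid": st_dir.st_gid,
        "file_gid": file_gid,
        "setgid": bool(st_dir.st_mode & stat.S_ISGID),
        "rule": classify(file_gid, st_dir.st_gid, egid),
    }

if __name__ == "__main__":
    for flag in (False, True):
        print("setgid requested:", flag, probe(flag))
```

A "setgid" value of False after it was requested means the bit could not be set on the scratch directory, which is the same refusal the chmod g+s transcript above shows for a file whose group the user is not in.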