Date: Tue, 22 Jun 2004 18:18:34 +0400 From: Nikita Danilov <Nikita@Clusterfs.COM> To: Dan Strick <strick@covad.net> Cc: dan@mist.nodomain Subject: Re: Sticky/sgid/suid bits safe on regular files? Message-ID: <16600.16314.518796.463218@laputa.namesys.com> In-Reply-To: <200406221217.i5MCHYvj003485@mist.nodomain> References: <200406221217.i5MCHYvj003485@mist.nodomain>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Strick writes:
> Daniel O'Connor wrote:
> >>
> > I think he wanted to use sticky/sgid/suid because they get removed
> > when the file is changed.
> >>
>
> and Dag-Erling S?rgrav responded:
> >>
> > no they don't.
> >>
>
> Actually, they do. (just the sgid/suid bits)
>
> I believe this was an ancient BSD security enhancement in case
> someone accidentally left a world writeable suid file around.
That is Single Unix Specification requirement:
Upon successful completion, where nbyte is greater than 0, write()
shall mark for update the st_ctime and st_mtime fields of the
file, and if the file is a regular file, the S_ISUID and S_ISGID
bits of the file mode may be cleared.
However in chmod description it says:
Implementations that use the S_ISUID bit to indicate some other
function (for example, mandatory record locking) on non-executable
files need not clear this bit on writing. They should clear the
bit for executable files and any other cases where the bit grants
special powers to processes that change the file contents. Similar
comments apply to the S_ISGID bit.
>
> Dan Strick
Nikita.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16600.16314.518796.463218>