From owner-freebsd-security  Sat Mar 23 14:38:44 2002
Delivered-To: freebsd-security@freebsd.org
Received: from spitfire.velocet.net (spitfire.velocet.net [216.138.223.227])
	by hub.freebsd.org (Postfix) with ESMTP id 0D9C137B404
	for <security@freebsd.org>; Sat, 23 Mar 2002 14:38:42 -0800 (PST)
Received: from nomad.tor.lets.net (H74.C220.tor.velocet.net [216.138.220.74])
	by spitfire.velocet.net (Postfix) with SMTP id 118EFFB45B9
	for <security@freebsd.org>; Sat, 23 Mar 2002 17:38:40 -0500 (EST)
Received: (qmail 76737 invoked by uid 1001); 23 Mar 2002 22:33:31 -0000
Date: Sat, 23 Mar 2002 17:33:31 -0500
From: Steve Shorter <steve@nomad.lets.net>
To: Bjoern Engels <bjoern.engels@mail.isis.de>
Cc: security@freebsd.org
Subject: Re: strange behaviour on /tmp
Message-ID: <20020323173331.A76680@nomad.lets.net>
References: <20020323214535.Y212-100000@phoenix.vh.laserfence.net> <E16otir-000HR6-00@pumaman.dyndns.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <E16otir-000HR6-00@pumaman.dyndns.org>; from bjoern.engels@mail.isis.de on Sat, Mar 23, 2002 at 11:10:49PM +0100
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Sat, Mar 23, 2002 at 11:10:49PM +0100, Bjoern Engels wrote:
> > The mode 1777 turns on the sticky bit, hence, any write to /tmp is
> > created as the owner of /tmp.
> 
> 1777 means only the owner of a file can delete it. I bet /tmp
> has been set up 2777 or 3777 so all new files are being associated
> with the group /tmp belongs to (wheel).

	My experience with FreeBSD is that the "default" behavior
of directories is for files to have group ownership the same as
the directory they are created in. For example here is a brief
example


bash-2.05# mkdir testdir
bash-2.05# chown root:steve testdir
bash-2.05# >testdir/testfile
bash-2.05# ls -al
total 10
drwxr-xr-x   5 root     wheel     512 Mar 23 17:28 .
drwxr-xr-x  19 root     wheel     512 Jan 19 17:18 ..
drwxr-xr-x   2 root     steve     512 Mar 23 17:28 testdir
bash-2.05# ls -al testdir/
total 2
drwxr-xr-x  2 root  steve  512 Mar 23 17:28 .
drwxr-xr-x  5 root  wheel  512 Mar 23 17:28 ..
-rw-r--r--  1 root  steve    0 Mar 23 17:28 testfile


	Or what am I missing?


	-steve

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message