From: Cy Schubert - ITSD Open Systems Group
To: sthaug@nethelp.no
Cc: brett@lariat.org, ingham@i-pi.com, security@FreeBSD.ORG
Subject: Re: Interesting problem: chowning files sent via FTP
In-reply-to: Your message of "Sat, 10 Apr 1999 09:17:08 +0200." <31184.923728628@verdi.nethelp.no>
Date: Sat, 10 Apr 1999 13:34:30 -0700
Message-Id: <199904102034.NAA45990@cwsys.cwsent.com>

In message <31184.923728628@verdi.nethelp.no>, sthaug@nethelp.no writes:
> > Is this so? I was under the impression that the default group of a
> > new file was the login group of the creator, as specified in /etc/passwd.
>
> AFAIK, in all BSD versions the default group of a new file is the group
> of the directory it is created in.
>
> > As for the setgid-on-execution bit: there's no documentation on what it
> > does when set on a directory. The chmod(1) man page doesn't say anything.
> > Does it change the group ownership of newly created files?
>
> setgid on a directory is a SYSV-ism (or rather, close to a SVR4-ism). It
> means that the SYSV system in question should follow the BSD semantics
> for files created in this directory, instead of the default SYSV semantics
> (set the group of the file to the effective gid of the creating process).

The SVR4-ism is there because SYSV does not conform to FIPS-151.
FIPS-151 states BSD semantics must be used for newly created files and
directories. FIPS-151 is a US Government standard; if not adhered to by
a vendor, the said system cannot be purchased by agencies of the US
government. That's why SVR4 uses the sgid bit for directories, to
conform to FIPS-151.

It's all described in Stevens' book on Advanced UNIX Programming.

>
> setgid on a directory works this way at least in Solaris 2 and HP-UX 10.x/
> 11.x.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"
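The group-assignment rules discussed in this thread, as an added example that is not part of the original message: a small audit that walks an upload tree and lists the directories where a file created by a given effective gid would not inherit the directory's group. The names `new_file_gid` and `audit_tree` are hypothetical, and the rule encoded is only what the message states (BSD: directory's group; default SysV: creator's effective gid; SVR4 setgid directory: BSD behaviour).

```python
import os
import stat
import sys


def new_file_gid(dir_mode, dir_gid, egid, bsd_semantics):
    """Group a newly created file receives, per the rules in the thread."""
    if bsd_semantics or (dir_mode & stat.S_ISGID):
        # BSD rule, or an SVR4 directory with the setgid bit set:
        # the file takes the group of the directory it is created in.
        return dir_gid
    # Default SysV rule: the effective gid of the creating process.
    return egid


def audit_tree(root, egid, bsd_semantics=False):
    """Return (path, dir_gid, predicted_gid) for every directory under
    root where a process running with `egid` would create files whose
    group differs from the directory's group."""
    findings = []
    for path, _dirs, _files in os.walk(root):
        st = os.lstat(path)
        if not stat.S_ISDIR(st.st_mode):
            continue  # root itself may be a symlink; do not follow it
        predicted = new_file_gid(st.st_mode, st.st_gid, egid, bsd_semantics)
        if predicted != st.st_gid:
            findings.append((path, st.st_gid, predicted))
    return findings


if __name__ == "__main__":
    # Usage: script.py [root]  (audits for the current effective gid,
    # assuming default SysV semantics on this filesystem)
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, dir_gid, predicted in audit_tree(root, os.getegid()):
        print(f"{path}: new files get gid {predicted}, "
              f"directory is gid {dir_gid} (setgid bit not set)")
```

Each reported directory is one where setting the setgid bit would make uploaded files take the directory's group; under BSD semantics the audit reports nothing.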