From owner-freebsd-hackers  Fri Oct 15 10:30:22 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38])
	by hub.freebsd.org (Postfix) with ESMTP id 3F75514C20
	for <freebsd-hackers@FreeBSD.ORG>; Fri, 15 Oct 1999 10:30:18 -0700 (PDT)
	(envelope-from julian@whistle.com)
Received: from current1.whiste.com (current1.whistle.com [207.76.205.22])
	by alpo.whistle.com (8.9.1a/8.9.1) with ESMTP id KAA67916;
	Fri, 15 Oct 1999 10:29:05 -0700 (PDT)
Date: Fri, 15 Oct 1999 10:29:04 -0700 (PDT)
From: Julian Elischer <julian@whistle.com>
To: Jos Backus <Jos.Backus@nl.origin-it.com>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: SUIDDIR problem
In-Reply-To: <19991015121002.A82950@hal.mpn.cp.philips.com>
Message-ID: <Pine.BSF.4.10.9910151021550.18204-100000@current1.whistle.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

SUIDDIR will work for any user EXCEPT ROOT
I did this because I felt it was a security hole to allow users to create
files owned by root.
(from memory it will also refuse to do files that have the execute bit set
but I can't remember for sure)

We use it all the time on our PC fileservers so that DOS users always own
the files in their dropbox directories but they can give each other files
(e.g. documents).


On Fri, 15 Oct 1999, Jos Backus wrote:

> [Maybe this is -questions/-stable material, I'm not sure. Please flame
> appropriately.]
> 
> On a very recent -stable system:
> 
> I have a directory, say /ftp/foocust/in. This directory
> - resides in a filesystem mounted on /ftp with the suiddir option
>   (with SUIDDIR in the kernel).
> - is owned by uid root,group ftp
> - has mode u=rws,g=rwx,o=
> 
> A user foo, group ftp, puts a file there using ftp (I'm running the stock
> FreeBSD ftpd). I would expect this file to subsequently become owned by root
> instead of foo, but nevertheless the file stays owned by foo.
> 
> What am I doing wrong?

Nothing, they just can't be owned by root.

> 
> Thanks,
> -- 
> Jos Backus                          _/ _/_/_/  "Reliability means never
>                                    _/ _/   _/   having to say you're sorry."
>                                   _/ _/_/_/             -- D. J. Bernstein
>                              _/  _/ _/    _/
> Jos.Backus@nl.origin-it.com  _/_/  _/_/_/      use Std::Disclaimer;
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message