Date: Fri, 15 Oct 1999 10:29:04 -0700 (PDT)
From: Julian Elischer
To: Jos Backus
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: SUIDDIR problem
In-Reply-To: <19991015121002.A82950@hal.mpn.cp.philips.com>

SUIDDIR will work for any user EXCEPT ROOT

I did this because I felt it was a security hole to allow users to
create files owned by root. (from memory it will also refuse to do files
that have the execute bit set but I can't remember for sure)

We use it all the time on our PC fileservers so that DOS users always
own the files in their dropbox directories but they can give each other
files (e.g. documents).

On Fri, 15 Oct 1999, Jos Backus wrote:

> [Maybe this is -questions/-stable material, I'm not sure. Please flame
> appropriately.]
>
> On a very recent -stable system:
>
> I have a directory, say /ftp/foocust/in. This directory
> - resides in a filesystem mounted on /ftp with the suiddir option
>   (with SUIDDIR in the kernel).
> - is owned by uid root,group ftp
> - has mode u=rws,g=rwx,o=
>
> A user foo, group ftp, puts a file there using ftp (I'm running the stock
> FreeBSD ftpd). I would expect this file to subsequently become owned by root
> instead of foo, but nevertheless the file stays owned by foo.
>
> What am I doing wrong?

Nothing, they just can't be owned by root.

>
> Thanks,
> --
> Jos Backus                          _/ _/_/_/  "Reliability means never
>                                    _/ _/   _/   having to say you're sorry."
>                                   _/ _/_/_/             -- D. J. Bernstein
>                              _/  _/ _/    _/
> Jos.Backus@nl.origin-it.com  _/_/  _/_/_/    use Std::Disclaimer;