Date: Sun, 14 Aug 2005 17:49:50 +1000 From: Greg Black <gjb@gbch.net> To: =?iso-8859-1?Q?Jo=C3=A3o_Carlos_Mendes_Lu=C3=ADs?= <jonny@jonny.eng.br> Cc: hackers@freebsd.org Subject: Re: File create permissions, what am I missing? Message-ID: <nospam-1124005790.36599@iliad.gbch.net> In-Reply-To: <42FEDE50.8050107@jonny.eng.br> References: <42FD15EA.8050500@jonny.eng.br> <20050812233728.GA22225@odin.ac.hmc.edu> <42FE1781.9050403@jonny.eng.br> <nospam-1123974717.18305@gecko.gbch.net> <42FEDE50.8050107@jonny.eng.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2005-08-14, João Carlos Mendes Luís wrote: > Greg Black wrote: >> On 2005-08-13, Jo�o Carlos Mendes Lu�s wrote: >>> Brooks Davis wrote: >>> >>>> On BSD systems, the group of a file is always the group of the directory >>>> it is in. This differs from SysV UNIX. The resident grey-beard at work >>>> feels this is a new and annoying behavior. (i.e. it wasn't always this >>>> way. :) >>> >>> So this is expected behavior? Isn't this someway insecure? >> >> It is documented behaviour (see open(2) for details). How is it >> insecure? > > I don't know how it could be unsecure. So why suggest that it is? If you find something that is actually insecure, by all means bring it to people's attention; but don't just randomly speculate without any evidence. The mere fact that it's unfamiliar to you or somehow different from your normal expectations is not in itself sufficient reason to proclaim that there's a problem. > Is there any specifc reason for it to be > different on SYSV and Linux? Or is it just a different choice? It's a different (and IMO better) choice. And if you care about the reasons, by all means track down the different histories that led to the choices that were made. But that's not really a topic to flog to death here. > I could not find any vulnerability, but I do not like the idea that a user could > create files belonging to a group himself does not belong. He can only do this if he has write permission in the directory in question and of course he also has write permission to the file. The fact that it might belong to a group he is not a member of is irrelevant to security. As has been pointed out, there are some useful things that you can do with this feature and, as always with these things, it's important to understand how things work before setting out to use them. And, while I'm at it, I'd point out that these questions are better put on the questions list, as they are not really in the domain of this list. Greg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?nospam-1124005790.36599>