Re: set group id on directories

Ollivier Robert (Ollivier.Robert@hsc.fr.net)
Thu, 2 Mar 1995 14:14:12 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Lawrence MacIntyre - 615.576.0824: "Re: Bug in gethostbyaddr() on some systems"
Previous message: System Administrator: "Re: Re[2]: snooper watchers"
In reply to: Marc Samama: "set group id on directories"
Next in thread: der Mouse: "Re: set group id on directories"

> I'd like to know if a sgid bit on a directory represents a security risk,
> given the fact that the directory is not world or group writable.

I don't think so.

> On my system, whereas the manual states that this bit is ignored on 
> directories, a file created on such a directory is owned by the same 
> group that posses the dir, and any child directory has the same sgid bit,
> by default.
> 
> It this feature commonly used 

BSD systems don't need this because this is the default behaviour. The setgid
bit on directories was introduced on SVRn systems. On SunOS, you can get
that behaviour back by specifying the option grpid in /etc/fstab.

I may be a little partial but I think the BSD behaviour's better.
-- 
Ollivier ROBERT  -=-=-  Herve Schauer Consultants -=-=-   roberto@FreeBSD.ORG
-=-=-=-=-=- Support The Free UNIX Systems !  FreeBSD NetBSD Linux -=-=-=-=-=-

Next message: Lawrence MacIntyre - 615.576.0824: "Re: Bug in gethostbyaddr() on some systems"
Previous message: System Administrator: "Re: Re[2]: snooper watchers"
In reply to: Marc Samama: "set group id on directories"
Next in thread: der Mouse: "Re: set group id on directories"