Re: set group id on directories

Brett Lymn (blymn@awadi.com.AU)
Fri, 3 Mar 1995 14:03:17 +1030 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mr Martin J Hargreaves: "COPS reporting unrestricted NFS exports under Linux"
Previous message: Larry Glaze: "Large security hole in SGI IRIX 5.2"
In reply to: Marc Samama: "set group id on directories"
Next in thread: Jake Hill: "Re: set group id on directories"

According to Marc Samama:
>
>
>I'd like to know if a sgid bit on a directory represents a security risk,
>given the fact that the directory is not world or group writable.
>

It's not much use if the directory is not group at least g-rx.

>On my system, whereas the manual states that this bit is ignored on 
>directories, a file created on such a directory is owned by the same 
>group that posses the dir, and any child directory has the same sgid bit,
>by default.
>

This is normal behaviour on the Suns (and I think it's documented
somewhere)

>It this feature commonly used anyway?
>

It's handy if you have a directory shared by a group of people -
combined with the right umask it makes to permissions on the files
automatic.

-- 
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
===============================================================================
"Also, it takes a lot longer to get up North ..... The slow way"
        - "Clever Trevor" Ian Drury

Next message: Mr Martin J Hargreaves: "COPS reporting unrestricted NFS exports under Linux"
Previous message: Larry Glaze: "Large security hole in SGI IRIX 5.2"
In reply to: Marc Samama: "set group id on directories"
Next in thread: Jake Hill: "Re: set group id on directories"