Re: Security & UID, GID?

To: Art Lemasters <alemas@rmi.net>
Cc: debian-user@lists.debian.org
Subject: Re: Security & UID, GID?
From: William T Wilson <fluffy@snurgle.org>
Date: Thu, 30 Sep 1999 04:12:23 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.04.9909300407300.32288-100000@benatar.snurgle.org>
In-reply-to: <[🔎] 19990929202039.A1040@luvmusl.net>

On Wed, 29 Sep 1999, Art Lemasters wrote:

> has had its group permission changed to from x to s without my doing
> so, a couple of times.  For example, in the /home directory, one user

This is fine.  Depending on the user this may be helpful or even
necessary.  Is it a real human or a program that owns that directory?

>      I did not manually chmod the permissions that way.  What
> might have caused this, and what are the implications, anyone?

Setting +s group on a directory means that new files created in that
directory will be group-owned by the owner of the directory instead of the
current group of the user.  It does not grant g+s to those files
themselves, and of course the actual owner of the file can change the
group owner to anything he wants.  It is merely a convenience - for
example, you have two users collaborating on something.  They both belong
to group 'project' and agree to store their stuff in a particular
directory owned by group 'project'.  Normally both users belong to group
'users' - that won't work for this though, because then everybody on the
system could tinker with their stuff.  So they set g+s on the 'project'
directory.  Now, all the files they create in there are group-owned by
project, so they can both modify them, but other users can't.

Of course, there are a variety of uses for this setgid ability of
directories - that's just an example.

Reply to:

References:
- Security & UID, GID?
  - From: Art Lemasters <alemas@rmi.net>

Prev by Date: Security & UID, GID?
Next by Date: Re: Reading compressed files in XEmacs
Previous by thread: Security & UID, GID?
Next by thread: Re: Security & UID, GID?
Index(es):
- Date
- Thread