From: Michael Hoennig <michael@hostsharing.net>
To: Cedric Ware <cedric.ware@enst.fr>
Cc: linux-kernel@vger.kernel.org
Subject: Re: suid bit on directories
Date: Sat, 18 May 2002 12:34:35 +0200
Message-ID: <20020518123435.6905c1e0.michael@hostsharing.net>
In-Reply-To: <20020518105252.A3897@enst.fr>

Hi Cedric,

> > I do not even see a security hole if nobody other than the user itself
> > and httpd/web can reach this area in the file system, anyway. And it
> > is still the user's decision that files in this (his) directory should
> > belong to him.
> 
> I guess it is considered a security hole if a user can create files not
> belonging to him.

Where is that so different from the guid flag on directories?  That way
too, you could get the rights of a group of which you are not a member.  As
far as I can see, all that has to be prevented is creating files with the
suid flag set within such a folder - not even for a microsecond
(race condition).  Or am I missing something?  Another issue is quota, but
this problem already exists with the guid bit on directories.  And in my case
(mod_php), it is even worse the way it is.

> > Actually, the suid bit on directories works at least under FreeBSD. Is
> 
> Not under 4.x (nor OpenBSD 2.9); or did I do anything wrong?

OpenBSD is extremely careful about security issues.  Thus, it might not
work at all in OpenBSD.  But it works under FreeBSD (as an option which
has to be compiled into the kernel).  This is exactly what I would like to
have for Linux.

	Michael

-- 
Hostsharing eG / c/o Michael Hönnig / Boytinstr. 10 / D-22143 Hamburg
phone:+49/40/67581419 / mobile:+49/177/3787491 / fax:++49/40/67581426
http://www.hostsharing.net ---> Web hosting with rules of the game you make yourself
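The risk the message above circles around (a file carrying the suid or sgid flag sitting inside a directory that hands out an inherited group today, or an inherited owner under the proposed suid-directory semantics) can be audited on a live tree. This is an added example, not code from the thread or from any kernel; `risky_suid_files` and the constructed fixture tree are my own, and it covers both setgid directories as Linux has them and the setuid directories the thread proposes.

```python
import os
import stat
import tempfile

# Bits on a directory that make new files inherit something: setgid (Linux
# today: inherit the group) and setuid (the thread's proposal: inherit owner).
DIR_INHERIT_BITS = stat.S_ISGID | stat.S_ISUID


def risky_suid_files(root):
    """Return sorted (relative path, mode) pairs for regular files that carry
    setuid or setgid bits and live directly in a directory with setgid or
    setuid set, i.e. the files that could gain privilege from inheritance."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if not os.lstat(dirpath).st_mode & DIR_INHERIT_BITS:
            continue
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: a symlink is never reported as a file
            if stat.S_ISREG(st.st_mode) and st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                hits.append((os.path.relpath(path, root), stat.S_IMODE(st.st_mode)))
    return sorted(hits)


def build_demo_tree():
    """Constructed fixture (hypothetical layout, not a real deployment): a
    setgid directory holding one setuid file and one plain file, plus an
    ordinary directory holding a setuid file, which must not be reported."""
    root = tempfile.mkdtemp(prefix="suiddir-")
    shared = os.path.join(root, "shared")
    os.mkdir(shared)
    os.chmod(shared, 0o2775)  # setgid directory: new files inherit its group
    for name, mode in (("cgi", 0o4755), ("index.html", 0o644)):
        path = os.path.join(shared, name)
        open(path, "w").close()
        os.chmod(path, mode)
    plain = os.path.join(root, "plain")
    os.mkdir(plain)
    tool = os.path.join(plain, "tool")
    open(tool, "w").close()
    os.chmod(tool, 0o4755)  # setuid, but the parent directory inherits nothing
    return root


if __name__ == "__main__":
    for rel, mode in risky_suid_files(build_demo_tree()):
        print(f"{rel}: {oct(mode)}")
```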
