bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#8391: chmod setuid & setguid bits

From: Eric Blake
Subject: bug#8391: chmod setuid & setguid bits
Date: Thu, 31 Mar 2011 11:29:19 -0600
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.9 
On 03/31/2011 03:01 AM, Christian wrote:
> Why can I only use symbolic modes for clearing ?
> 
> ----snip chmod(1) ---
> and you can set (but not clear) the bits with a numeric mode.
> ----snip chmod(1) ---
> 
> isn't "chmod 0755 DIR" explicit enough ?

Thanks for the report.  However, this is not a bug.  POSIX states:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/chmod.html

"For an octal integer mode operand, the file mode bits shall be set
absolutely.

"For each bit set in the octal number, the corresponding file permission
bit shown in the following table shall be set; all other file permission
bits shall be cleared. For regular files, for each bit set in the octal
number corresponding to the set-user-ID-on-execution or the
set-group-ID-on-execution, bits shown in the following table shall be
set; if these bits are not set in the octal number, they are cleared.
For other file types, it is implementation-defined whether or not
requests to set or clear the set-user-ID-on-execution or
set-group-ID-on-execution bits are honored."

A directory is not a regular file.  Therefore, it is
implementation-defined whether the S_ISUID and S_ISGID bits are cleared,
and we have chosen to define that they are not cleared (accidentally
removing the sticky bit of a directory when you only meant to change
access permissions is a security hole).

-- 
Eric Blake   address@hidden    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]