bug-fileutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in chgrp (GNU fileutils) 4.0p


From: Jim Meyering
Subject: Re: Bug in chgrp (GNU fileutils) 4.0p
Date: 09 Dec 2000 22:52:52 +0100
User-agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7

Bob Proulx <address@hidden> wrote:
| > I have found a bug in chgrp (GNU fileutils) 4.0p.
| >
| > When changing the group of a file that is has the suid bit set, it removes
| > the suid bit when changing the group.
| >
| > Example:
| >
| > # ls -l wrapper
| > -rwsrwxr-x    1 root     users       15035 Dec  1 13:24 wrapper
| >    ^ suid bit is set
| >
| > # chgrp majordom wrapper
| >
| > # ls -l wrapper
| > -rwxrwxr-x    1 root     majordom    15035 Dec  1 13:24 wrapper
| >    ^ suid bit was removed
| >
| > This is clearly a bug as chgrp should only be modifying the group of a
| > file and not touching the permissions.
| [...]
| > I just realized that I should have given more information.  I was running
| > this command as root.  Given the above information about appropriate
| > privileges, I would think root would have all privileges and would not be
| > subject to this condition.  Is clearing of this bit something that chgrp
| > does or something that my kernel would handle?  I'm using Linux kernel
| > 2.3.99-pre8 on a Red Hat system.

Thanks to both of you for the report and analysis.  The POSIX spec for
the chown function says that it is implementation-defined whether the
set-user-ID and set-group-ID bits are cleared in this case.  And the
spec for the chgrp program says that those bits shall be cleared,
`unless chgrp is invoked by a process with appropriate privileges'.
The GNU chown program has the same problem.

I've fixed chgrp and chown to conform even on systems for which a
chown call clears the set-uid and set-gid bits.

Jim



reply via email to

[Prev in Thread] Current Thread [Next in Thread]