[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chmod set-gid/set-uid behavior change issues

From: Paul Eggert
Subject: Re: chmod set-gid/set-uid behavior change issues
Date: Fri, 28 Jul 2006 03:31:35 -0400
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)

address@hidden (Bob Proulx) writes:

> I am not sure how far things can go because
> tar, cpio, etc. all set file permissions too and have their own ideas.

I am one of the tar and cpio maintainers and I'd like them to be
consistent too.  They use the gnulib modechange module, so should pick
up on whatever we decide.

> I actually think the mkdir -m case is wrong.  But HP-UX works
> that way too.  I imagine it is a SysV'ism.

More likely it follows from both systems attempting to use the umask
and mkdir calls to create the directory and set the file permission
bits, rather than the mkdir and chmod calls.  Using umask avoids
a window where the directory has the wrong file permission bits.

POSIX specifies only the file permission bits of directories created
by mkdir, even if you use "mkdir -m", so all these behaviors conform

> Also looking at what the behavior of 'cp -pR' is on systems shows that
> things are different.  On HP-UX 'cp -pR' clears the sgid bit.

cp is a somewhat-different animal.  The POSIX spec is unclear here,
since the setgid bit is covered in two different sections and they
disagree in your case.  In cases like these implementations can
do things either way, though POSIX should be clarified.

> Although the HP-UX mkdir -m behavior is probably what you *want*
> more often.  But when heuristics are involved to try to guess what I
> want instead of what I say it usually works out badly for me in the
> long run.

I wouldn't call it "guesswork", I'd call it "preserve the setgid bit
unless the user says otherwise".  (No guessing there.  :-) Seriously,
though, I share your concern about heuristics.  What I can say,
though, is that Solaris has been using heuristics like these for a
couple of decades, so we have some experience that they don't cause
huge problems.  And my experience is that they are more convenient.

Your summary makes it clear that this area is murky and buggy: HP-UX
"mkdir -m a+rwx" resulting in d-----S-w- is clearly bogus, and FreeBSD
"mkdir -m a+rwx" resulting in drwxrwxrwx (when the directory would
normally have the setgid bit set) is also bogus.  (Coreutils 5.97
agrees with FreeBSD here, which is partly what started me on this
change.)  This is one case that Solaris 10 gets right, yielding

reply via email to

[Prev in Thread] Current Thread [Next in Thread]