C - development under UNIX - XENIX
Stephen J. Friedl
friedl at vsi.UUCP
Tue May 17 00:49:57 AEST 1988
In article <7774 at ncoast.UUCP>, allbery at ncoast.UUCP (Brandon S. Allbery) writes:
< As quoted from <14827 at jplgodo.UUCP> by deutsch at jplgodo.UUCP (Michael Deutsch ):
< +---------------
< | 2. A programm running with "setuid" privilege, i.e.: -rwsr-xr-x
< | tries to create directory and fails when executed by non-root,
< | however, it works when executed by root, why???
< +---------------
<
< Since /bin/mkdir is setuid, it runs as root/ORIGINAL USER. The setuid on
< mkdir overrides the setuid on the calling program. Thus, the ORIGINAL user
< must have permission to create the directory. The mkdir() system call doesn't
< have this problem.
A brief note here: mkdir does not always work properly if called from
a setgid program. If the real user+group does *not* have permission to
see the file but the effective group *does*, mkdir permission is denied.
This is because mkdir(1) does not reset the effective group to real group
before the access(2) call. As indicated, mkdir(2) should work OK.
--
Steve Friedl V-Systems, Inc. (714) 545-6442 3B2-kind-of-guy
friedl at vsi.com {backbones}!vsi.com!friedl attmail!vsi!friedl
More information about the Comp.unix.questions
mailing list