BUG with g+s: Re: "Inherit Permissions" request for comments
mjt at tls.msk.ru
Mon Jun 5 11:42:27 GMT 2000
David Lee wrote:
> > Here, samba efficiently clears the g+s bit implicitly set by unix,
> > by the chmod() call:
> > mkdir(path, 0755) will create dir with rwxr-sr-x
> > chmod(path, 0755) will reset mode to rwxr-xr-x
> For the "inherit permissions"/setgid combination, the call will
> dos_mkdir(..., 2755)
> Note the "2".
Yes, for inherit, it will be. But without inherit, it will be
that I wrote (755 without 2). For samba 2.0.6, chmod will not be
called, and dir will have 2755 as when created. In the other words,
inherit permissions parameter changed semantics of g+s when unset.
If this is considered normal, than it should be documented as
compatibility change (that is, 2.0.7 is incompatible with all previous
versions on this respect). But I think that it is not normal, since
with 2.0.6 and earlier, I can control g+s bit per-directory in share,
while inherit (as you noted and started this thread) is not as good as
seemed to be (from security reasons), and I prefer to turn it off.
More information about the samba-technical