No subject
Tue Dec 2 03:01:20 GMT 2003
The first indeed is that most UNIXes drop the high order bits when
doing mkdir(). This can be handled by checking for any demanded high
order bits and in the positive case stat()ing the newly created
directory, then adding the missing bits with chmod(). In most cases
only one the mkdir() system call will be needed, with high order bits
we need one more stat() and one more chmod(), as proposed by Michael.
Issue closed.
The second problem is that by creating the directory in a world
writeable directory, a malicious user could delete/rename it and
create a symlink to another file (s)he wants the SGID bit set. (S)he
would have to do this in the small time window between mkdir(x, 0777)
and chmod(x, 01777). This is - from my point of view - a non-issue on
any system where the administrator does his job and takes care of
having the sticky bit set on all world writeable directorys.
>My proposal was to do the mkdir with a mode of 0 and then setting not
>only the sticky bit but the wanted permissions as well by the
>following chmod - nothing more and nothing less.
This would add the need for an additional stat()/chmod() sequence in
_every_ dos_mkdir(), not only for the - probably rare - case of "force
directory mode = 01xxx".
Regards,
Robert
--
---------------------------------------------------------------
Robert.Dahlem at gmx.net Fax +49-69-432647
---------------------------------------------------------------
More information about the samba-technical
mailing list