No subject


Tue Dec 2 03:01:20 GMT 2003


The first indeed is that most UNIXes drop the high order bits when 
doing mkdir(). This can be handled by checking for any demanded high 
order bits and in the positive case stat()ing the newly created 
directory, then adding the missing bits with chmod(). In most cases 
only one the mkdir() system call will be needed, with high order bits 
we need one more stat() and one more chmod(), as proposed by Michael. 
Issue closed.

The second problem is that by creating the directory in a world 
writeable directory, a malicious user could delete/rename it and 
create a symlink to another file (s)he wants the SGID bit set. (S)he 
would have to do this in the small time window between mkdir(x, 0777) 
and chmod(x, 01777). This is - from my point of view - a non-issue on 
any system where the administrator does his job and takes care of 
having the sticky bit set on all world writeable directorys.

>My proposal was to do the mkdir with a mode of 0 and then setting not
>only the sticky bit but the wanted permissions as well by the 
>following chmod - nothing more and nothing less.

This would add the need for an additional stat()/chmod() sequence in 
_every_ dos_mkdir(), not only for the - probably rare - case of "force 
directory mode = 01xxx".

Regards,
        Robert


-- 
---------------------------------------------------------------
Robert.Dahlem at gmx.net           Fax +49-69-432647
---------------------------------------------------------------






More information about the samba-technical mailing list