security hole in 2.0.0 ???

Edan Idzerda edan at mtu.edu
Tue Jan 19 03:26:03 GMT 1999


On Tue, 19 Jan 1999, Florian G. Pflug wrote:

> On Mon, Jan 18, 1999 at 09:41:14PM +1100, Stephan Hendl wrote:
> > In the [homes]-section I have to set "writable = Yes" in order to get
> > write access to my home-directory. Unfortunately this allows me to
> > delete a file that was created originally by root. But this is not
 [ ... ] 
> Debian GNU/Linux sets the sugid bit of /home/<user> by default. This makes
> every newly created file by default owned by the owner of the directory, which
> is <user>. So, if let's say root does "touch /home/<user>/test", the file
> test is owned by the user <user> although root created the file - maybe
> that's your problem?


Is this a feature of Linux that I'm unaware of?  The setgid
bit on a directory means that files within that directory inherit
the *gid* of the parent.

I would have thought that Stephan Hendl's potential problem
was that root-owned files in user directories can be deleted
by the user, under regular unix permissions.

- edan


--
edan idzerda    <edan at mtu.edu>
sysadmin/geek -- michigan technological university, houghton mi usa
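
The two behaviours discussed in this message, as an added example that is not part of the original post: a file created in a setgid directory takes the directory's group while its owner stays the creating user, and deleting a file depends on write permission on the directory, not on the file. It works in a scratch directory from mktemp; the function names are made up for the example, and a mode-0444 file stands in for the root-owned file, since creating one needs root.

```shell
#!/bin/sh
# Added example; works only inside scratch directories created by mktemp.

# Print "uid gid" of a path from numeric ls output (same on GNU, BSD, busybox).
owner_of() {
    ls -ldn "$1" | awk '{ print $3, $4 }'
}

# Create a file in a setgid directory; print "<file uid> <file gid> <dir gid>".
setgid_inheritance() {
    d=$(mktemp -d) || return 1
    # If the caller has a secondary group, hand the directory to it so the
    # inherited gid differs from the caller's primary gid.
    for g in $(id -G); do
        if [ "$g" != "$(id -g)" ] && chgrp "$g" "$d" 2>/dev/null; then
            break
        fi
    done
    chmod g+s "$d"            # setgid bit on the directory
    : > "$d/test"             # same effect as "touch $d/test"
    set -- $(owner_of "$d/test") $(owner_of "$d")
    rm -rf "$d"
    echo "$1 $2 $4"
}

# A file the caller may not write (mode 0444) is still removable: unlink()
# checks write and search permission on the directory, not on the file.
delete_needs_dir_write() {
    d=$(mktemp -d) || return 1
    : > "$d/readonly"
    chmod 444 "$d/readonly"
    rm -f "$d/readonly"
    if [ -e "$d/readonly" ]; then r=kept; else r=deleted; fi
    rm -rf "$d"
    echo "$r"
}

echo "file uid, file gid, dir gid: $(setgid_inheritance)"
echo "read-only file in writable dir: $(delete_needs_dir_write)"
```
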


