[Samba] Sticky bit problem
Linda Walsh
samba at tlinx.org
Sun Jun 19 21:24:21 MDT 2011
Linda Walsh wrote:
> David Aldrich wrote:
>> Hi
>>
>> We are building a Linux app under Centos 5.3, using gnu make 3.81 and
>> gcc 4.12. The working directory is on a remote machine and is either
>> a Samba share or a Windows 7 share. We find that in the case of a
>> Windows 7 share the resulting executable has the sticky bit set in group:
>>
>> On Windows 7 share:
>>
>> -rwxrwSrwx 1 <snip> myapp
> T is the sticky bit, S is the SxID bit....
>
> BUT, a cap S, means the execute bit isn't set. so theoretically,
> someone in the same group wouldn't be able to access any files or subdirs
> but they could, theoretically read the names of the files...
-----
Forget what I said above -- you said it was on an executable,
not on a dir.
the cap S means the execute bit isn't set. If the 'SGID' AND the
execute bit are set then it's a lowercase 's'....
So of course, someone in whatever group shoudln't
be able to execute it since the execute bit is 'off'.
if the SGID bit is 'on', it should force whoever executes the file
into that group (while they are running that program) (if they aren't already)....you may not want that... but apparently, over CIFS, the
SGID bit isn't being transmitted anyway....the permissions just look
odd on the CIFS client...it shouldn't show it as group executable.
What that is really saying on 'linux' is that anyone in that group can't
execute it.
The user can, group cannot, everyone else can....
More information about the samba
mailing list