Greg Black wrote: > On 2005-08-13, Jo�o Carlos Mendes Lu�s wrote: > >>Brooks Davis wrote: >> >>>On BSD systems, the group of a file is always the group of the directory >>>it is in. This differs from SysV UNIX. The resident grey-beard at work >>>feels this is a new and annoying behavior. (i.e. it wasn't always this >>>way. :) >> >>So this is expected behavior? Isn't this someway insecure? > > > It is documented behaviour (see open(2) for details). How is it > insecure?
I don't know how it could be unsecure. Is there any specifc reason for it to be different on SYSV and Linux? Or is it just a different choice? I could not find any vulnerability, but I do not like the idea that a user could create files belonging to a group himself does not belong. My first attempt was to mark this file setgid, but the system denies it: It is my file, but I am not in the file's group. That would be too easy. ;-) Nevertheless, if somebody leaves a directory writeable by anoybody, he should know what he's doing. If I could just make /tmp not writeable... ;-) _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
