DragonFly users List (threaded) for 2009-11
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: setgid bit madness

From:	Stathis Kamperis <ekamperi@xxxxxxxxx>
Date:	Tue, 17 Nov 2009 13:17:26 +0200

2009/11/17 Ulrich Spörlein <uqs@spoerlein.net>:
> Hi all,
>
> I'm having trouble finding out, why chdir(2) fails with permission
> denied for setgid binaries. Here's a test case that works for Free and
> Open, why doesn't it work on Dragonfly 2.4.0 (Hammer FS).
>
>
> #include <sys/types.h>
> #include <stdio.h>
> #include <unistd.h>
>
> int
> main(int argc, char *argv[])
> {
>  gid_t gid, egid;;
>
>  gid=getgid();
>  egid=getegid();
>  printf("gid=%d egid=%d\n", gid, egid);
>  if (chdir("doener") < 0) {
>    perror("chdir");
>  }
>
>  return (0);
> }
>
>
>
> write this to test_gid.c and then run:
>
> % cc -o gid test_gid.c && sudo install -g 123 -m 2555 gid gid2 && sudo install -d -g 123 -m 0550 doener; ./gid; ./gid2
> gid=1000 egid=1000
> chdir: Permission denied
> gid=1000 egid=123
> chdir: Permission denied
>
>
> The second EPERM should not happen, as the gid2 binary is setgid 123.
> What am I missing here?
>
> Regards,
> Uli
>

I think this have been fixed by corecode@ with:
http://gitweb.dragonflybsd.org/dragonfly.git/commit/609c6f34fef1b0942cfff9f26bc1844a4858ad7c

Perhaps we should MFC it.


Cheers,
Stathis

References:
- setgid bit madness
  - From: Ulrich Spörlein <uqs@spoerlein.net>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]