On 14/11/99 Kevin Heath wrote:
Could someone please remind us exactly what setgid on directories does? I think it causes any file created in that directory to automatically have its group ownership, but I'm not certain.
yup, any file/directory created in a setgid directory inherits the group of the parent, in other words it changes the behavior from SysV to BSD...
though I have not found it in the policy i assume the permissions are this way to allow a user to be added to group src and then can compile and install sources without being root, a very good idea, just so you are not too promiscuous about who is a src member.
does anyone know the exact rational for the root.staff 2775 permissions on /usr/local? I suppose it could theoretically be used to allow a privileged user to do make installs on non packaged software and have it work in /usr/local, but there are some problems i see with this, it really seems more reliable and perhaps safer (security wise) to just gain root privileges to do a make install. this way all the ownership is correct, of course most install scripts set permissions 755/644 which will force read only permission on the group staff anyway...
Best Regards, Ethan Benson To obtain my PGP key: http://www.alaska.net/~erbenson/pgp/