
Re: umask



On Fri, Jun 09, 2000 at 05:40:17AM -0700, Eric G . Miller wrote:
> 
> AFAIK, sticky bits, setuid, setgid are "inherited" from the parent

no, only setgid bits on directories are inherited by new
subdirectories. 

the sticky bit (---------t) is not inherited (see /tmp) nor is
setuid.  

setuid/gid bits are obviously not inherited by files either (that
would be a nice MS sized security hole ;-))

> dirs.  By default, Debian sets home dirs drwxr-sr-x, or 2755. Don't
> think the umask affects that... Also, by default, when users are created
> they are members of a group with the same name as the user name. All of
> these things can be changed... The setgid thingy isn't a bad thing,
> since files/dirs are given the same gid the user has, which presumably
> isn't shared by other users (unlike a "users", or "faculty" catch all
> group).  

the setgid bit on directories is useful if you have an additional
group say `bigproj' and you want to share a directory to work on that,
you can have your umask something like 027 or 007 and have a directory
setgid bigproj that way anything you create there automatically has
the correct group so members of bigproj can see/work on it but no one
else can.  

> #! /bin/sh
> echo 'Linux Must Die!' | wall
> dd if=/dev/zero of=/vmlinuz bs=1 \
>      count=`du -Lb /vmlinuz | awk '{ /^([0-9])+/ ; print $1 }'`

dd: /vmlinuz: Permission denied

> shutdown -r now

shutdown: must be root.

;-)

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
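
The inheritance rules described in the reply above, as an added example that is not part of the original mail: it builds a setgid directory and a sticky directory in a scratch location under umask 007 and reports which bits new entries pick up. The names `shared` (standing in for the bigproj directory) and `drop` (standing in for /tmp) are assumptions, as is Linux behaviour for new directories.

```shell
#!/bin/sh
# Added example. Everything happens in a scratch directory from mktemp;
# "shared" stands in for the bigproj directory from the mail, "drop" for /tmp.

mode_of() { ls -ld "$1" | cut -c1-10; }           # e.g. drwxrws---
gid_of()  { ls -ldn "$1" | awk '{ print $4 }'; }  # numeric group id

# Build the demo tree under $1 with umask 007, as suggested in the mail.
build_tree() (
    umask 007
    cd "$1" || exit 1
    mkdir shared drop
    # Assumption: if the caller has a supplementary group, use it as the
    # project group so the gid change is visible; otherwise keep the primary.
    for g in $(id -G); do
        if [ "$g" != "$(id -g)" ] && chgrp "$g" shared 2>/dev/null; then
            break
        fi
    done
    chmod 2770 shared      # setgid directory, group members only
    chmod 1777 drop        # sticky directory, like /tmp
    mkdir shared/sub drop/sub
    : > shared/file
)

# Print mode and gid for every entry so the inherited bits can be compared.
report() {
    for p in shared shared/sub shared/file drop drop/sub; do
        printf '%-12s %s gid=%s\n' "$p" "$(mode_of "$1/$p")" "$(gid_of "$1/$p")"
    done
}

demo=$(mktemp -d) && build_tree "$demo" && report "$demo"
rm -rf "$demo"
```

The new subdirectory of `shared` carries the setgid bit and the new file only the group; nothing under `drop` carries the sticky bit.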
