[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mkdir() and group id

From: Thomas Bushnell, BSG
Subject: Re: mkdir() and group id
Date: 27 Apr 2002 13:12:15 -0700
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Oystein Viggen <oysteivi@tihlde.org> writes:

> * [Thomas Bushnell, BSG] 
> > Yes, group 0 is the wheel group.  HOW DOES THIS CAUSE A SECURITY
> > ISSUE?  Please be specific and not vague.
> Combined with umask 002 (suggested by yourself), this gives members of
> the wheel group write access to all files created in /tmp by default, as
> these files will be writable for group root.  This is bad, as I don't
> believe being a member of the wheel group should give access to mess
> with other peoples files without actually typing in su and the root
> password.

This is not a security issue.  Members of the wheel group already have
the power to write such files (by using su, of course).  In any case,
this is the basic reason why the inherit-group property probably
should be restricted to inherit-only-if-i'm-a-member-of-the-group.  

reply via email to

[Prev in Thread] Current Thread [Next in Thread]