On Sun, Jul 1, 2018 at 6:23 AM Thomas Levine <_@thomaslevine.com> wrote:
> I was just reading about the effect of Set-user-Id and Set-group-Id bits
> on file creation, as they seem like they would be useful for me.
> Unfortunately, most of the documentation I have managed to find is
> related to GNU systems, and this could easily be different in OpenBSD.
>
> https://www.gnu.org/software/coreutils/manual/html_node/Directory-Setuid-and-Setgid.html

This goes back to a split in behavior between the BSD-derived and
USG-derived ("Unix Systems Group", spun off from AT&T) systems.
BSD-derived systems always gave new files the group of the directory in
which they were created, while USG-derived systems used the effective
group-id of the process that created the file. Vendors realized the BSD
behavior is more useful for actual groups of people, but they presumably
didn't feel like they could change the behavior of their existing systems
so they added this "setgid on the directory means follow BSD rules"
behavior. Linux has always had a more USG/Sys5 flavor to it, so they
followed that rule instead of just making the behavior the Right Thing.

> It appears that they have no effect on file creation. Rather, they a
> only "on execution", as specified in the manual.
> https://man.openbsd.org/chmod

Correct: those bits are ignored by OpenBSD on anything but executable
normal files.

> Very conveniently for me, this behaviour (u-s,g+s in GNU) is the mode
> that I want. Perhaps this is by design.

Yep.

Philip Guenther
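
The two group-inheritance rules described in the reply above, written out as a probe that can be run against a shared directory to see which group new files actually receive. This is an added example, not part of the original message; the function names and the `.gidprobe-` file prefix are illustrative assumptions.

```python
import os
import stat
import tempfile


def expected_gid(dir_gid, dir_mode, egid, bsd_rule):
    """Group of a new file under the two rules from the reply.

    bsd_rule=True : always the directory's group (BSD-derived systems).
    bsd_rule=False: the creating process's effective gid, unless the
                    directory carries setgid (USG-derived rule).
    """
    if bsd_rule or dir_mode & stat.S_ISGID:
        return dir_gid
    return egid


def probe(directory):
    """Create and delete a scratch file in `directory`; report the gids seen."""
    st = os.stat(directory)
    fd, path = tempfile.mkstemp(prefix=".gidprobe-", dir=directory)
    try:
        file_gid = os.fstat(fd).st_gid
    finally:
        os.close(fd)
        os.unlink(path)
    return {"dir_gid": st.st_gid, "setgid": bool(st.st_mode & stat.S_ISGID),
            "egid": os.getegid(), "file_gid": file_gid}


def classify(r):
    """Name the rule a probe result is consistent with."""
    if r["dir_gid"] == r["egid"]:
        return "indeterminate"  # both rules give the same answer here
    if r["file_gid"] == r["dir_gid"]:
        # With setgid set, both rules agree; without it, only BSD explains it.
        return "setgid-directory" if r["setgid"] else "bsd"
    if r["file_gid"] == r["egid"] and not r["setgid"]:
        return "usg"
    return "other"


if __name__ == "__main__":
    import sys
    for d in sys.argv[1:] or ["."]:
        r = probe(d)
        print(d, r, classify(r))
```

The probe only distinguishes the rules when the directory's group differs from the effective group of the process running it; otherwise it reports `indeterminate`.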