Subject: Re: clearing suid/sgid bits upon ownership change
To: None <current-users@NetBSD.ORG>
From: None <tooleym@Douglas.BC.CA>
List: current-users
Date: 12/10/1997 12:08:15
On Wed, 10 Dec 1997, Jim Wise wrote:

> Date: Wed, 10 Dec 1997 11:58:44 -0500 (EST)
> From: Jim Wise <jimw@numenor.turner.com>
> To: Rob Windsor <windsor@warthog.com>
> Cc: tech-kern@NetBSD.ORG, current-users@NetBSD.ORG
> Subject: Re: clearing suid/sgid bits upon ownership change
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Tue, 9 Dec 1997, Rob Windsor wrote:
> 
> > securelevel >1. I can't stand this behavior.  No other modern un*x in the
> > world does this insane crap.  I just love `surprises' like this in NetBSD --
> > not.
> 
> - From the XSI5 (Unix 98) Standard:
> 
> 	If the path argument refers to a regular file, the set-user-ID
> 	(S_ISUID) and set-group-ID (S_ISGID) bits of the file mode are
> 	cleared upon successful return from chown(), unless the call is
> 	made by a process with appropriate privileges, in which case it
> 	is implementation-dependent whether these bits are altered. 
> 
> It is also not true that ` No other modern un*x in the world does this':
> 
> Solaris 2.6:
[example deleted]
> Irix 6.2
[example deleted]
> So, this feature may or may not be a good idea, (I like it myself), but
> it _is_ standard, and it _is_ widely implemented.

Would this be another paranoia security feature as part of the file
system or perhaps kernel specs? I think I prefer this sort of behaviour--I
think once certain suid programs are set up, I don't want them changing
groups and still having the same supernatural powers. Once I set root's
group, there's little chance of me changing everything.

It makes sense in a way, at least to me, and the behaviour is expected
--removing it could open up a slew of problems. We've had the behaviour
for a while now, people and programs expect it. If we change it, we'd have
to ensure that all references to chgrp or guids are reprogrammed.

I think buddy just spoke a little hastily--in anger, perhaps after trying
to reconfigure his group/passwd/etc.