On Fri, Jun 09, 2000 at 12:45:10PM +0800, Andrew McRobert wrote:
> hi all
> 
> When a user creates a new directory/file in their home directory, the setuid
> bit is always set for group members, ie.
> 
> drwxr-sr-x

the setgid bit on directories changes the file creation behaviour from
SysV to BSD:

SysV:  when a new file/directory is created the group is set to the
user's primary group id (or rather the primary group id of the parent
process) 

BSD:  when a new file or directory is created the group is set to that
of the parent directory, regardless of the user's group membership.  

so under Linux (and i think many SysV like systems) when the setgid
bit is set on a directory any files created in that directory will
have the group set to that of the parent (the setgid directory) just
like BSD.  

additionally, any directories created inside a setgid directory will
have the setgid bit set automatically.  this has nothing to do with
umask.

what happened to you is for some reason creates all user home
directories with the setgid bit set.  this is pointless since when you
use the user group system the group will be the same, ie: your home
directory will be set to your primary group, and any files you create
are created with your primary group per SysV.  

if you don't like this (i don't, i hate seeing s bits ;-)) just remove
the setgid bit from your home directory like so:

chmod -s ~

and off of any directories you have in your home.

> umask = 022, what do I need to set it to, for new files to = drwxr-xr-x ...
> and is this ok security-wise ... the execute bit?

there is no security problem with setgid directories.  (except if the
group the directory is set to is public and you don't want files
created under it to have that group)

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
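
Added example, not part of the original message: a shell sketch of the behaviour described above (directories made inside a setgid directory inherit the bit regardless of umask) and of clearing the bit from a directory and everything beneath it. It assumes Linux semantics and works only in a constructed temporary directory; the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sandbox only: nothing here touches the real $HOME.

# Print every directory at or below $1 that carries the setgid bit (mode 2000).
list_setgid_dirs() {
    find "$1" -type d -perm -2000 | sort
}

# Clear the setgid bit on $1 and on every directory below it
# (the recursive form of running "chmod -s" on each directory by hand).
clear_setgid_tree() {
    find "$1" -type d -perm -2000 -exec chmod g-s {} +
}

# Build a sandbox, show inheritance under a restrictive umask, then clear it.
# Prints "inherited=<n> remaining=<n> new_after_clear=<n>".
setgid_demo() {
    (
        umask 077                      # umask does not mask the setgid bit
        top=$(mktemp -d) || exit 1
        mkdir "$top/home"
        chmod g+s "$top/home"          # stands in for the drwxr-sr-x home directory
        mkdir "$top/home/a"            # inherits the bit from home
        mkdir "$top/home/a/b"          # inherits it again from a
        inherited=$(list_setgid_dirs "$top/home" | wc -l)
        clear_setgid_tree "$top/home"
        remaining=$(list_setgid_dirs "$top/home" | wc -l)
        mkdir "$top/home/c"            # created after clearing: no bit to inherit
        new=$(list_setgid_dirs "$top/home" | wc -l)
        rm -rf "$top"
        # $(( )) strips any padding that wc adds on some systems
        echo "inherited=$((inherited)) remaining=$((remaining)) new_after_clear=$((new))"
    )
}

setgid_demo    # → inherited=3 remaining=0 new_after_clear=0
```

To audit a real home directory without changing anything, run `list_setgid_dirs ~` on its own first.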
