[PVFS-developers] chgrp semantics
Rob Ross
rross at mcs.anl.gov
Fri May 14 15:58:45 EDT 2004
Hi Don,
This has been applied in CVS. Thanks!
Rob
On Thu, 29 Apr 2004, Porter Don wrote:
> It seems that there are two bugs in the chgrp/chown semantics in pvfs, one
> old and one new.
>
> The old one is that even as far back as 1.6.0, pvfs allows a member of a
> group to change the group on a file. The chown(2) man page says that only
> the owner of a file or root can change the file group. This may have been
> the intention, but requests to change only group send a -1 as the target
> owner, falling through this permission check in md_chown.
>
> The new one is that in the setgid bit patch, a '!' was dropped from this
> permission checking, thus preventing anyone (including owner) who is a
> member of the owning group from changing the group, but allowing anyone who
> is not in the owning group to change the group.
>
> Further, the sticky bit patch changed the semantics to not allow group
> membership to be changed by anyone except root if the setgid bit is set.
> This is not how ext2 works. The setgid bit should only affect file
> creation, not lock the group down permanently.
>
> Attached is a patch against 1.6.3pre1 that corrects these issues.
>
> Thanks,
> don
More information about the PVFS-developers
mailing list