Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: A little doubt regarding setgid and Unix access right flags.
Top Forums UNIX for Dummies Questions & Answers A little doubt regarding setgid and Unix access right flags. Post 302404936 by verdepollo on Wednesday 17th of March 2010 02:51:02 PM
Old 03-17-2010
A little doubt regarding setgid and Unix access right flags.
Hi all!

I have a folder with permissions 2770 (SETGID)

Code:
drwxrws---   2 loguser   admins            5 Mar 17 11:11 mydir

Inside that folder there are some files with permissions 0640:

Code:
-rw-r-----   1 loguser   admins            0 Mar 17 11:11 monday.log
-rw-r-----   1 loguser   admins            0 Mar 17 11:11 tuesday.log
-rw-r-----   1 loguser   admins            0 Mar 17 11:11 wednesday.log


"mike" is a member of the "admins" group.

When I login as mike, go through the above folder and try to delete a file it shows:

Code:
override protection 640 (yes/no)?

And if I input "yes" it will let me delete the file.

Why is it letting "mike" delete the file, even when the file uses "0640" (read-only for the group)

I hope you could help me clarify this. Smilie

Thanks.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Using setuid and setgid

Hi, I have been looking at setuid and setgid. I understand that setuid determines who owns the file and setgid determines which group of people can access the file... yeah?! But i need to know how to actually use setuid and setgid. I'm guessing chmod will feature somewhere.. Any help... (1 Reply)
Discussion started by: crispy
1 Replies

2. Shell Programming and Scripting

flags to suppress column output, # of rows selected in db2 sql in UNIX

Hello, I am new to db2 SQL in unix so bear with me while I try to explain the situation. I have a text file that has the contents of the where condition that I am using for a db2 SQL in UNIX ksh. Here is the snippet. if ; then echo "Begin processing VALUEs" ... (1 Reply)
Discussion started by: jerardfjay
1 Replies

3. Programming

setgid

I have a setuid to root program that has now to be changed to setuid to oracle depending on who is running it. Oracle has only two groups, dba (primary) and osgrp1 (secondary). But running 'id' if oracle shows all the secondary groups belonging to root, and only dba or osgrp1 as the primary group... (2 Replies)
Discussion started by: blowtorch
2 Replies

4. UNIX for Advanced & Expert Users

Unix Doubt

What is Primary Group & Secondary group and what is the difference between them. (5 Replies)
Discussion started by: harishankar
5 Replies

5. UNIX for Dummies Questions & Answers

int open(const char *pathname, int flags, mode_t mode) doubt...

hello everybody! I want to create a file with permissions for read, write, and execute to everybody using C, so I write this code: #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> int main(){ int fileDescriptor; fileDescriptor =... (2 Replies)
Discussion started by: csnmgeek
2 Replies

6. Solaris

about setuid setgid permissions

hi.. why we go for setuid, setgid permissions? as a system admin ,when we use this ,except default solaris setuid,setgid files and dirs.. hopes that anyone can help me regarding this.. (1 Reply)
Discussion started by: saravananpalani
1 Replies

7. UNIX for Dummies Questions & Answers

Doubt in Unix ??

Is it possible to create unix or linux commands ? if it is then how to create ?:) (1 Reply)
Discussion started by: Santhosh Raju
1 Replies

8. UNIX for Dummies Questions & Answers

How can I re-enable the setuid or setgid bits ???

While I was looking for tips for hardening the security of my MAC OSX I found the following posting: "<How to disable Setuid and Setgid Binaries > Setuid programs run with the privileges of the file's owner (which is often root), no matter which user executes them. Bugs in these programs... (6 Replies)
Discussion started by: Vera
6 Replies

9. Shell Programming and Scripting

Basic doubt in UNIX

Hi, I'm new to this and very much interested to learn unix. Can any one explain me the symbols y we use this is scripting(~ and $). It would be great if some one explain with the eg. Thanks Naveen A (2 Replies)
Discussion started by: Pranaveen
2 Replies

10. Shell Programming and Scripting

Setuid and setgid and similar settings

so im writing a script for a android system. these types of systems are not the typical unix systems. what i need to do is basic. i have a script which I put in a directory and then zipped up the directory in a zip file. that way, when the script is unzipped, the person unzipping will see... (1 Reply)
Discussion started by: SkySmart
1 Replies

LEARN ABOUT MOJAVE

setgid32

SETGID(2)						     Linux Programmer's Manual							 SETGID(2)

NAME

       setgid - set group identity

SYNOPSIS

       #include <sys/types.h>
       #include <unistd.h>

       int setgid(gid_t gid);

DESCRIPTION

       setgid()  sets  the  effective group ID of the calling process.	If the calling process is privileged (has the CAP_SETGID capability in its
       user namespace), the real GID and saved set-group-ID are also set.

       Under Linux, setgid() is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.  This allows a set-group-ID program that	is
       not  set-user-ID-root to drop all of its group privileges, do some un-privileged work, and then reengage the original effective group ID in
       a secure manner.

RETURN VALUE

       On success, zero is returned.  On error, -1 is returned, and errno is set appropriately.

ERRORS

       EINVAL The group ID specified in gid is not valid in this user namespace.

       EPERM  The calling process is not privileged (does not have the CAP_SETGID capability), and gid does not match the real group ID  or  saved
	      set-group-ID of the calling process.

CONFORMING TO

       POSIX.1-2001, POSIX.1-2008, SVr4.

NOTES

       The  original  Linux setgid() system call supported only 16-bit group IDs.  Subsequently, Linux 2.4 added setgid32() supporting 32-bit IDs.
       The glibc setgid() wrapper function transparently deals with the variation across kernel versions.

   C library/kernel differences
       At the kernel level, user IDs and group IDs are a per-thread attribute.	However, POSIX requires that all threads in a  process	share  the
       same  credentials.   The NPTL threading implementation handles the POSIX requirements by providing wrapper functions for the various system
       calls that change process UIDs and GIDs.  These wrapper functions (including the one for  setgid())  employ  a  signal-based  technique	to
       ensure  that  when one thread changes credentials, all of the other threads in the process also change their credentials.  For details, see
       nptl(7).

SEE ALSO

       getgid(2), setegid(2), setregid(2), capabilities(7), credentials(7), user_namespaces(7)

COLOPHON

       This page is part of release 4.15 of the Linux man-pages project.  A description of the project, information about reporting bugs, and  the
       latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.

Linux								    2017-09-15								 SETGID(2)
All times are GMT -4. The time now is 04:19 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy