I have a user AAA who's who is part of a group call clserv and techsupp, His userfiles have the following permissions:-
he has a link in his UserFiles/
he saves pdf's from a scanner in the following
When saving the pdf from the scanner in the above directories the other people in his dept 'techsupp' can not open the files????? even though they are a part of the same group and the s for 'others' ....still dont work??? HELP...is it some sort UMASK issues?? ...newbie lost
Why isn't Sticky/suid working? I would like all members of “techsupp” to be able to open pdf's in the A,B,C Directories which is own by user AAA
Can any of you tell me what im doing wrong or why this setup isnt working?? thanks in advance
Thanks
Last edited by Scott; 09-19-2013 at 04:59 PM..
Reason: Please take the time to better format your posts.
What permissions and owners do the PDF's end up as?
the permissions are 600 (rw-------) when saved from xerox workcentre to his userfiles... However when he puts the pdf in directory A B C they should inherit the sticky and group permissions... ???
all other users can cd into A B C see the files but cant view the pdfs ??
thanks for your replies
how comes the scanners default permissions override the systems permission>??
Last edited by kilobyter; 09-20-2013 at 07:49 AM..
I believe this issue is caused by a misunderstanding of the sticky bit, SUID, SGID, and the like. If I am not mistaken, you are just trying to allow the users of the techsupp group to open the PDF files owned by the user AAA, which are created using a scanner. Am I correct?
The sticky bit here should be set if you don't want to allow other users (except for root and the owner of the files) to delete / rename those files.
SUID and SGID are typically set for executables --> So a workaround that you could try is setting them for the executable that OPENS the PDF files instead for the files themselves.
In this link you can find a good reference on SUID, SGID, and the sticky bit.
Other than that, I would check the samba configuration file (if this is a shared printer over a network) and make sure the create mask and the directory mask are correctly set.
Hope any of this helps .
the permissions are 600 (rw-------) when saved from xerox workcentre to his userfiles...
You forgot to tell me what the ownerships were... That's what the group-sticky bit on directories is supposed to do. It doesn't have anything to do with rwx------, because it's possible for it to be the right owner and group and set unreadable.
Quote:
how comes the scanners default permissions override the systems permission>??
umask, which gets set on login in various ways. What's your FTP daemon?
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
so im writing a script for a android system. these types of systems are not the typical unix systems.
what i need to do is basic. i have a script which I put in a directory and then zipped up the directory in a zip file. that way, when the script is unzipped, the person unzipping will see... (1 Reply)
Hi,
I have the following 3 test files to test setuid bit which if it works I would like to implement in our application. However setuid doesnot seem to be having any impact on my test below.Following are the 3 files of interest in /tmp/ folder.
$ ls -ltr *env*
-rw------- 1 g332008 users 6... (23 Replies)
While I was looking for tips for hardening the security of my MAC OSX I found the following posting:
"<How to disable Setuid and Setgid Binaries >
Setuid programs run with the privileges of the file's owner
(which is often root), no matter which user executes them.
Bugs in these programs... (6 Replies)
Hi, I am creating a ksh script to search for a string of text inside files within a directory tree. Some of these file are going to be read/execute only. I know to use chmod to change the permissions of the file, but I want to preserve the original permissions after writing to the file. How can I... (3 Replies)
Hi
I am trying to automate the install of a package, I realise that I need to create an admin file, but as part of the install I am asked if I want to install these as setuid/setgid files, I want to say yes.
What value am I supposed to use for setuid= in the admin file
Thanks (1 Reply)
hi..
why we go for setuid, setgid permissions?
as a system admin ,when we use this ,except default solaris setuid,setgid files and dirs..
hopes that anyone can help me regarding this.. (1 Reply)
About System and Perl: Sun Solaris 5.9 sparc, Perl 5.6.1
I've decided to use the perl file::find module to look for all the SETUID and SETGID files on my unix boxes. I wrote something like this: (I've shorted it a little to make it simple)
#!/opt/perl/bin/perl
use File::Find;
find... (1 Reply)
Hi,
I have been looking at setuid and setgid.
I understand that setuid determines who owns the file and setgid determines which group of people can access the file... yeah?!
But i need to know how to actually use setuid and setgid. I'm guessing chmod will feature somewhere..
Any help... (1 Reply)