Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Newbie, permissions (0755, 02755), why are they different?

703 views
Skip to first unread message

Pritchie

unread,
Dec 1, 2003, 4:16:28 AM12/1/03
to
Hi,

From the "daily insecurity output" I keep getting the following...

Checking special files and directories.
Output format is:
filename:
criteria (shouldbe, reallyis)
usr/local:
permissions (0755, 02755)
usr/local/bin:
permissions (0755, 02755)

This is a new install of OpenBSD 3.4.

Why are the numbers different and how do I fix them?

What does "2000 Set-group-ID on execution." actually do? Set the group
ID to what? Do I really want to change it?

Thanks in advance...

Regards
Pritchie


Dorian Büttner

unread,
Dec 1, 2003, 8:37:46 AM12/1/03
to

> Why are the numbers different and how do I fix them?
dont' know and chmod 0755 /usr/local

>
> What does "2000 Set-group-ID on execution." actually do? Set the group
> ID to what?
on execution by any user it changes the executing group-id to the group-id
of the directory. executing a directory means cd'ing into it.

> Do I really want to change it?
I'd say yes.

Pritchie

unread,
Dec 1, 2003, 4:37:10 PM12/1/03
to
Thanks for your reply.

Therefore what you are saying is if
drwxr-sr-x 21 root wheel 512 Apr 11 2003 local
Then any process ran from this directory is ran under the group-id of wheel?
isn't this dangerous changing the group-id like that? I thought wheel was
the admin group?

Thanks
Pritchie

"Dorian Büttner" <dorian....@gmx.de> wrote in message
news:bqfjps$khq$01$1...@news.t-online.com...

Thorsten Glaser

unread,
Dec 1, 2003, 5:06:35 PM12/1/03
to
Dixitur illum nntp...@pritchie.com.nospam scribere...

>Therefore what you are saying is if
> drwxr-sr-x 21 root wheel 512 Apr 11 2003 local

There's no difference for DIRECTORIES under BSD-style unixes
between sgid and non-sgid.
SYSV-style unixes and GNU systems however behave as told.

>"Dorian Büttner" <dorian....@gmx.de> wrote in message
>news:bqfjps$khq$01$1...@news.t-online.com...

http://www.afaik.de/usenet/faq/zitieren/

Additionally, it's called "referral line", not novel.

//Thorsten
--
Solange man keine schmutzigen Tricks macht, und ich meine *wirklich*
schmutzige Tricks, wie bei einer doppelt verketteten Liste beide
Pointer XORen und in nur einem Word speichern, funktioniert Boehm ganz
hervorragend. -- Andreas Bogk über boehm-gc in d.a.s.r

Pritchie

unread,
Dec 2, 2003, 4:26:54 AM12/2/03
to
Sorry Dorian, while re-reading your email at home I released my mistake...

they are 02755 and should be 0755....

thanks
Pritchie


"Dorian Büttner" <dorian....@gmx.de> wrote in message
news:bqfjps$khq$01$1...@news.t-online.com...
>

0 new messages