[英]setgid does not work on /tmp/
I have this C program: 我有这个C程序:
#include <sys/stat.h>
#include <stdlib.h>
int main(void) {
if (chmod("/tmp/foo", 0755 | S_ISGID) < 0) {
exit(1);
}
exit(0);
}
When I run it like this: 当我这样运行时:
rm -f /tmp/foo &&
touch /tmp/foo &&
./a.out &&
ls -al /tmp/foo &&
a.out
runs with exit code 0
but the output is: a.out
使用退出代码0
运行,但输出为:
-rwxr-xr-x 1 philipp wheel 0 Mar 16 06:58 /tmp/foo
Why is the groupid flag not set here? 为什么未在此处设置groupid标志? The permissions should be
-rwxr-sr-x
. 权限应为
-rwxr-sr-x
。
The following things would fix the issue (but I still wonder why I see this effect): 以下操作可以解决此问题(但我仍然想知道为什么会看到这种效果):
S_ISUID
) S_ISUID
) What I tried but didn't work: 我试过但没用的东西:
chmod g+s /tmp/foo
also doesn't work chmod g+s /tmp/foo
也不起作用 /tmp/
to something different, eg 0777
or 4777
/tmp/
上的权限更改为其他内容,例如0777
或4777
So the question remains: what does make /tmp/
different from the other directories if it's not the permissions? 所以问题仍然存在:如果没有权限,
/tmp/
与其他目录有什么区别? The only difference I could see is: 我能看到的唯一区别是:
ls -al /
showed tmp as this: 显示tmp为:
lrwxr-xr-x@ 1 root wheel 11 Dec 11 19:28 tmp -> private/tmp
The @
sign at the end shows that there are some non-unix properties set on the directory. 最后的
@
符号表明目录中设置了一些非unix属性。 Querying those with ls -l@ /tmp
shows: 用
ls -l@ /tmp
查询那些显示:
lrwxr-xr-x@ 1 root wheel 11 Dec 11 19:28 /tmp -> private/tmp
com.apple.FinderInfo 32
com.apple.rootless 0
Update : According to comment feedbacks and a downvote I figured the question is confusing, so I totally revised the question and the title. 更新 :根据评论反馈和不赞成票,我认为问题令人困惑,因此我对问题和标题进行了全面修订。 During revision I found out that I wrongly compared the effects of my program against
chmod u+s
which was wrong, I need to compare against chmod g+s
, I also corrected this in my question. 在修订期间,我发现我错误地将程序与
chmod u+s
的效果进行了比较,这是错误的,我需要与chmod g+s
进行比较,我也在问题中对此进行了更正。
The chmod()
system call sets the permissions on a file to only the value you provide. chmod()
系统调用将文件的权限设置为仅您提供的值。 This means that setting permissions to S_IRUSR | S_ISGID
这意味着将权限设置为
S_IRUSR | S_ISGID
S_IRUSR | S_ISGID
clears all other permissions, including user write and execute. S_IRUSR | S_ISGID
清除所有其他权限,包括用户写入和执行。
What you probably want is: 您可能想要的是:
chmod("/tmp/foo", 0755 | S_ISGID);
( 0755
being the octal mode for user read+write+execute and group/other read+execute -- it's a lot less typing than the equivalent constants.) (
0755
是用户读+写+执行和组/其他读+执行的八进制模式-与等效常量相比,它的键入少得多。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.