Results 1 to 2 of 2
  1. #1
    Join Date
    Aug 2008
    Location
    Toronto, Canada
    Posts
    2,367

    Unanswered: SGID reset - chgrp command

    My question is a general Unix/Linux question. Was not sure where to post it on dbforums so picked this forum. I hope someone can answer it.


    Using regular id, ctginst1:

    ctginst1@xxxxxxxx:/home/ctginst1> id
    uid=213(ctginst1) gid=212(db2iadm1) groups=1(staff),204(db2grp1)


    ctginst1@xxxxxxxx:/home/ctginst1> mkdir test; chgrp db2grp1 test; chmod 3775 test; ls -ld test
    drwxrwsr-t 2 ctginst1 db2grp1 256 Oct 12 13:12 test


    ctginst1@xxxxxxxx:/home/ctginst1> chgrp db2iadm1 test; ls -ld test
    drwxrwxr-t 2 ctginst1 db2iadm1 256 Oct 12 13:12 test



    Repeating chgrp using root:

    ctginst1@xxxxxxxx:/home/ctginst1> mkdir test; chgrp db2grp1 test; chmod 3775 test; ls -ld test
    drwxrwsr-t 2 ctginst1 db2grp1 256 Oct 12 13:18 test


    root@xxxxxxxx:/home/ctginst1> chgrp db2iadm1 test; ls -ld test
    drwxrwsr-t 2 ctginst1 db2iadm1 256 Oct 12 13:18 test


    Why does SGID get reset when using a regular id but not when using root?

  2. #2
    Join Date
    Sep 2009
    Location
    Ontario
    Posts
    1,057
    Provided Answers: 1
    Probably an interpretation of what is adequate security.
    On SCO Unix:
    The execution bit is dropped if the group is changed.
    A user can change the execution bit to any valid group.

    On Suse Linux:
    The execution bit stays if the group is changed.
    A user can only change a group to a group they are already a member of.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •