Bug 487108 - [RHEL 4] Inconsistent behaviour in stripping SUID/SGID flags when chmod/chgrp directories
[RHEL 4] Inconsistent behaviour in stripping SUID/SGID flags when chmod/chgrp...
Status: CLOSED DUPLICATE of bug 507527
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
4.9
All Linux
medium Severity medium
: rc
: ---
Assigned To: Jeff Layton
Filesystem QE
:
Depends On: 485099
Blocks: 589293
  Show dependency treegraph
 
Reported: 2009-02-24 05:01 EST by Sachin Prabhu
Modified: 2013-03-03 19:20 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 485099
Environment:
Last Closed: 2010-10-12 20:19:11 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Proposed patch (1.30 KB, patch)
2009-08-17 09:01 EDT, Peter Staubach
no flags Details | Diff

  None (edit)
Description Sachin Prabhu 2009-02-24 05:01:29 EST
+++ This bug was initially created as a clone of Bug #485099 +++

There is an inconsistency seen in the behaviour of ext3 and nfs  when changing owner or group of a directory. If the directory has SUID/SGID flags set, the flags are maintained on ext3 however they are stripped on nfs.

Reproducer:

ext3:

file
# touch xyz; chmod u+s xyz; ls -l xyz; chown bin xyz; ls -l xyz
-rwSr--r--  1 root root 0 Feb 10 16:25 xyz
-rw-r--r--  1 bin root 0 Feb 10 16:25 xyz

directory
mkdir abc; chmod u+s abc; ls -ld abc; chown bin abc; ls -ld abc
drwsr-xr-x  2 root root 4096 Feb 10 16:23 abc
drwsr-xr-x  2 bin root 4096 Feb 10 16:23 abc


nfs:

file
# touch xyz; chmod u+s xyz; ls -l xyz; chown bin xyz; ls -l xyz
-rwSr--r--  1 root root 0 Feb 10 16:25 xyz
-rw-r--r--  1 bin root 0 Feb 10 16:25 xyz

directory
# mkdir abc; chmod u+s abc; ls -ld abc; chown bin abc; ls -ld abc
drwsr-xr-x  2 root root 4096 Feb 10 16:23 abc
drwxr-xr-x  2 bin root 4096 Feb 10 16:23 abc

Check the SUID/SGID flags on the directory before and after the chown operation for directories. The flags are stripped under nfs but not under ext3. The behaviour for operations on the file are consistent.

--- Additional comment from sprabhu@redhat.com on 2009-02-11 11:13:15 EDT ---

The behaviour as it stands does not appear to violate POSIX. See:

http://www.opengroup.org/onlinepubs/7990989775/xcu/chgrp.html
http://www.opengroup.org/onlinepubs/7990989775/xsh/chown.html

"Unless chgrp is invoked by a process with appropriate privileges, the set-user-ID and set-group-ID bits of a regular file will be cleared upon successful completion; the set-user-ID and set-group-ID bits of other file types may be cleared."

"If the path argument refers to a regular file, the set-user-ID (S_ISUID) and set-group-ID (S_ISGID) bits of the file mode are cleared upon successful return from chown(), unless the call is made by a process with appropriate privileges, in which case it is implementation-dependent whether these bits are altered. If chown() is successfully invoked on a file that is not a regular file, these bits may be cleared. These bits are defined in <sys/stat.h>."

So POSIX does not require a particular behaviour even if the process has "appropriate privileges" (which itself is not defined) but leaves this to be defined by the implementation. However the actions performed are inconsistent when comparing ext3 and nfs.

--- Additional comment from jlayton@redhat.com on 2009-02-11 11:34:34 EDT ---

Yes, even if we don't violate the letter of the spec it would be good to have the kernel behave consistently here. The point is that chown_common (which is what chown() calls from userspace pass through) only tries to kill the setuid/gid bits if it's not a directory.

I think we should add a clause to nfsd_setattr that just does the bit-clearing if !S_ISDIR.

This will need to go upstream first, but it may be a little while before I can get to it. Shouldn't be too hard a patch if someone else wants to do the legwork for it though.

--- Additional comment from sprabhu@redhat.com on 2009-02-23 11:39:26 EDT ---

http://article.gmane.org/gmane.linux.nfs/24652
Comment 6 Peter Staubach 2009-08-17 09:01:52 EDT
Created attachment 357650 [details]
Proposed patch
Comment 7 RHEL Product and Program Management 2009-08-17 09:30:39 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 9 Jeff Layton 2010-10-12 20:19:11 EDT

*** This bug has been marked as a duplicate of bug 507527 ***

Note You need to log in before you can comment on or make changes to this bug.