setgid bit madness

Ulrich Spörlein uqs at spoerlein.net
Tue Nov 17 03:12:47 PST 2009


Hi all,

I'm having trouble finding out why chdir(2) fails with permission
denied for setgid binaries. Here's a test case that works for Free and
Open; why doesn't it work on Dragonfly 2.4.0 (Hammer FS)?


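#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>

int
main(int argc, char *argv[])
{
  gid_t gid, egid;

  /* Real vs. effective group ID; they differ when the binary runs setgid. */
  gid = getgid();
  egid = getegid();
  printf("gid=%lu egid=%lu\n", (unsigned long)gid, (unsigned long)egid);
  /* "doener" is created with mode 0550: searchable by owner and group only. */
  if (chdir("doener") < 0) {
    perror("chdir");
  }

  return (0);
}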



Write this to test_gid.c and then run:

% cc -o gid test_gid.c && sudo install -g 123 -m 2555 gid gid2 && sudo install -d -g 123 -m 0550 doener; ./gid; ./gid2
gid=1000 egid=1000
chdir: Permission denied
gid=1000 egid=123
chdir: Permission denied


The second EPERM should not happen, as the gid2 binary is setgid 123.
What am I missing here?

Regards,
Uli
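
A diagnostic sketch for the test case above, added here as an example and not part of the original post: it applies the classic owner/group/other mode-bit rule for directory search to the process's effective IDs and compares the result with what chdir(2) actually returns. The function name search_allowed and the 64-entry group buffer are assumptions; ACLs and MAC policies are not modelled.

```c
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <unistd.h>

/* Added example (hypothetical helper name): returns 1 if the classic UNIX
 * mode-bit check grants search (x) on a directory to these effective
 * credentials. Only the first matching class is consulted. */
int
search_allowed(uid_t euid, gid_t egid, const gid_t *grps, int ngrps,
    uid_t owner, gid_t group, mode_t mode)
{
  int i;

  if (euid == 0)
    return (1);                        /* superuser bypass */
  if (euid == owner)
    return ((mode & S_IXUSR) != 0);    /* owner class wins, even if weaker */
  if (egid == group)
    return ((mode & S_IXGRP) != 0);    /* effective gid, e.g. from setgid */
  for (i = 0; i < ngrps; i++)
    if (grps[i] == group)
      return ((mode & S_IXGRP) != 0);  /* supplementary group */
  return ((mode & S_IXOTH) != 0);
}

int
main(int argc, char *argv[])
{
  const char *dir = argc > 1 ? argv[1] : "doener";
  gid_t grps[64];                      /* assumed upper bound on groups */
  struct stat sb;
  int n, want, got;

  if (stat(dir, &sb) < 0) {            /* needs search on the parent only */
    perror("stat");
    return (1);
  }
  if ((n = getgroups(64, grps)) < 0)
    n = 0;
  want = search_allowed(geteuid(), getegid(), grps, n,
      sb.st_uid, sb.st_gid, sb.st_mode);
  got = (chdir(dir) == 0);
  printf("euid=%ld egid=%ld owner=%ld group=%ld mode=%04o\n", (long)geteuid(),
      (long)getegid(), (long)sb.st_uid, (long)sb.st_gid,
      (unsigned)(sb.st_mode & 07777));
  printf("mode bits say %s, chdir(2) says %s\n",
      want ? "allow" : "deny", got ? "allow" : "deny");
  return (want == got ? 0 : 2);        /* 2 = kernel disagrees with mode bits */
}
```

Install it setgid the same way as gid2 and run it next to doener. access(2) is not a substitute for this check, because it tests with the real IDs rather than the effective ones.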




