2 (very old) bugs?

Gavin Atkinson gavin at FreeBSD.org
Sun Oct 26 03:43:11 PDT 2008


On Sun, 26 Oct 2008, Yannick Cadin wrote:

> - first in the stat command. Only with the -x option. If you execute stat -x 
> on /tmp or /usr/bin/passwd parameters for example, the numeric representation 
> of mode is wrong. The "special" bits are always 0. No suid-bit, no sticky 
> bit!

Although this does seem wrong to me, the code does it deliberately.  I'm 
not sure why, it may be to be compatible with Linux (as the -x option is 
documented in the man page as giving "Linux format" output).

> - Second. Because of a missing suid-bit on the newgrp command, this one is 
> not really usable for users other than root.

This is deliberate, and is docimented in make.conf(5).  Because almost 
nobody uses newgrp(1) and because it has the potential to be a security 
hole, it's not installed setuid by default.  If you want it installing 
setuid, set ENABLE_SUID_NEWGRP in make.conf.

Gavin


More information about the freebsd-stable mailing list