GNU bug report logs - #5826
[feature] chmod +S to setgid directories alike +X

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 5826 in the body.
You can then email your comments to 5826 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Michał Górny <gentoo <at> mgorny.alt.pl>
To: bug-coreutils <at> gnu.org
Subject: [feature] chmod +S to setgid directories alike +X
Date: Sat, 3 Apr 2010 13:04:25 +0200

Hello,

I would really appreciate if chmod supported setting setgid permissions
on directories (and files already having such) recursively, much like
'+X' does set executable permission. To match the '+X' one, I suggest
using '+S' for that.

-- 
Best regards,
Michał Górny

<http://mgorny.alt.pl>
<xmpp:mgorny <at> jabber.ru>

Message #8 received at 5826 <at> debbugs.gnu.org (full text, mbox):

From: Andreas Schwab <schwab <at> linux-m68k.org>
To: Michał Górny <gentoo <at> mgorny.alt.pl>
Cc: 5826 <at> debbugs.gnu.org
Subject: Re: bug#5826: [feature] chmod +S to setgid directories alike +X
Date: Sat, 03 Apr 2010 16:26:15 +0200

Michał Górny <gentoo <at> mgorny.alt.pl> writes:

> I would really appreciate if chmod supported setting setgid permissions
> on directories (and files already having such) recursively, much like
> '+X' does set executable permission. To match the '+X' one, I suggest
> using '+S' for that.

Since there is only a single setgid bit (unlike the exec bits) I don't
see the point of +S (it looks like a no-op).  Moreover, anything more
complex than what chmod already provides can easily be accomplished with
find.

Andreas.

-- 
Andreas Schwab, schwab <at> linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

Message #17 received at 5826-done <at> debbugs.gnu.org (full text, mbox):

From: Bob Proulx <bob <at> proulx.com>
To: Michał Górny <gentoo <at> mgorny.alt.pl>
Cc: 5826-done <at> debbugs.gnu.org
Subject: Re: bug#5826: [feature] chmod +S to setgid directories alike +X
Date: Sat, 3 Apr 2010 13:57:59 -0600

Michał Górny wrote:
> I would really appreciate if chmod supported setting setgid permissions
> on directories (and files already having such) recursively, much like
> '+X' does set executable permission. To match the '+X' one, I suggest
> using '+S' for that.

I suggest using 'find' for this.  And there is an advantage to using a
standard command.  It works anywhere.

  $ find . -type d -exec chmod g+s {} +

Also the setgid bit isn't like the execute bit.  They can't be directly
compared.  There are three execute bits.  The +X implements a not
completely trivial control flow.  If the file is a directory OR if the
file already had the user execute bit or the group execute bit or the
other execute bit set.  It is the three execute bits that makes it
non-trivial and the usefulness of the +X mode.  But by contrast
setting the setgid bit is very simple.  Just set it.  It is only one
bit.

Plus there are security ramifications to think about when setting the
setgid bit on files.  And the decisions are operating system
dependent.  On most systems scripts should never be suid/sgid.  And
even on systems where it is safe to do so I don't think setting the
suid/sgid bit on normal executables is something that should be done
lightly.

Bob

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.