Re: chmod set-gid/set-uid behavior change issues

[Jim Meyering]

Paul Eggert <address@hidden> wrote:
> Jim Meyering <address@hidden> writes:
>>> If we remove this feature, I'd like to change things to be 100%
>>> consistent with Solaris, and to preserve the setgid bit even if the
>>> user says "chmod 0755 DIR".
>>
>> I think that is the right approach.
>
> I started to implement this, but oops!  I now see that I
> mischaracterized the behavior of Solaris chmod and octal modes.
>
> Here's the problem.  If DIR is a directory, Solaris 10 "chmod NNNN
> DIR" ignores the setgid bit in NNNN entirely.  For example, "chmod
> 2755 DIR" ignores the "2", just as "chmod 0755 DIR" ignores the "0":
>
>    1037-moa $ ls -ld d
>    drwxr-xr-x   2 eggert   faculty      512 Jul 26 22:17 d
>    1038-moa $ chmod 2755 d
>    1039-moa $ ls -ld d
>    drwxr-xr-x   2 eggert   faculty      512 Jul 26 22:17 d
>    1040-moa $ chmod g+s d
>    1041-moa $ ls -ld d
>    drwxr-sr-x   2 eggert   faculty      512 Jul 26 22:17 d
>    1042-moa $ chmod 0755 d
>    1043-moa $ ls -ld d
>    drwxr-sr-x   2 eggert   faculty      512 Jul 26 22:17 d
>
> To me, this behavior violates the principle of least surprise at least
> as much as the CVS coreutils behavior does, since I was surprised that
> "chmod 2755 DIR" silently ignores the "2" on Solaris.

Same here.

> Here's a possible workaround.  I could change coreutils to ignore
> leading zeros on octal modes (this satisfies Jim's criterion that
> "chmod 0755 DIR" act like "chmod 755 DIR").  I could also change the
> underlying code so that requests to clear the setgid bit on a
> directory via an octal mode are ignored, but requsts to set the bit
> are obeyed.

This sounds best.

> Under this possible workaround, "chmod 755 DIR" and "chmod 0755 DIR"
> would both preserve the setgid bit, but "chmod 2755 DIR" would set it.
> The only way to clear it would be via a symbolic mode, e.g., "chmod
> g-s DIR".  This is biased towards keeping the setgid set.  It is not
> 100% compatible with Solaris, because the behavior differs for "chmod
> 2755 DIR".
>
> A downside of this possible workaround is complexity.  It would be a
> bit simpler to go back to the previous rule that "chmod 755 DIR"
> clears DIR's setgid bit.  That is biased towards clearing the setgid
> bit though, which I find less convenient in practice.
>
> So we have the following possibilities:
>
> 1) CVS coreutils.  chmod preserves setgid on directories unless you use
>    4 or more octal digits, or a symbolic mode that mentions setgid.

Using octal digits has been deprecated for ages (octal mode syntax was marked
obsolescent in ISO POSIX-2: 1993 -- but no longer; now it's mandatory).
I think it's best not to change things on this front.

> 2) The possible workaround in this email.  chmod preserves setgid on
>    directories unless you use an octal mode that sets setgid, or a
>    symbolic mode that mentions setgid.

As you've guessed, #2 is the one I prefer.