HPE Community
Operating System - Linux
1831950 Members
2931 Online
110034 Solutions
New Discussion

sgid question (really scratching my head!!!!)

 
SOLVED
Go to solution
joseph wholey
Regular Advisor

‎09-25-2006 08:11 AM

‎09-25-2006 08:11 AM

sgid question (really scratching my head!!!!)

Why, can't user "manager" change the permissions on file /depts/hr/mgr.sh? Group has rwx.

[manager@jgwlinux /]$ id manager
uid=521(manager) gid=521(manager) groups=521(manager),10000(sales),10001(hr),10002(web)

[manager@jgwlinux /]$ ls -ld /depts
drwxr-xr-x 5 root root 4096 Sep 25 13:54 /depts

[manager@jgwlinux /]$ ls -la /depts
total 36
drwxr-xr-x 5 root root 4096 Sep 25 13:54 .
drwxr-xr-x 25 root root 4096 Sep 24 20:17 ..
drwxrws--- 2 root hr 4096 Sep 25 15:43 hr

[manager@jgwlinux hr]$ ls -la /depts/hr
total 20
drwxrws--- 2 root hr 4096 Sep 25 15:43 .
drwxr-xr-x 5 root root 4096 Sep 25 13:54 ..
-rw-rw-r-- 1 manager hr 35 Sep 25 15:10 mgr.sh
0 Kudos
Reply
4 REPLIES 4
Ivan Ferreira
Honored Contributor

‎09-25-2006 08:29 AM

‎09-25-2006 08:29 AM

Re: sgid question (really scratching my head!!!!)

Only the user owner can change the permissions of a file. Group permissions indicates if the file can be read, writed or executed, but does not indicates that the permissions can be modified.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
joseph wholey
Regular Advisor

‎09-25-2006 10:06 AM

‎09-25-2006 10:06 AM

Re: sgid question (really scratching my head!!!!)

Ivan, ok... that makes sense. Which leads me to my next question: how then (without intervention from root), can the user manager create a file in the /depts/hr directory that is executable? e.g. mgr.sh.
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎09-25-2006 10:17 AM

‎09-25-2006 10:17 AM

Solution

Re: sgid question (really scratching my head!!!!)

Wait a minute, I was seeing wrong your previous post, I was thinking that the owner of mgr.sh was root.hr. In this case, the owner of mgr.sh is manager, so it should be able to change the permissions of the file.

What happens if you try to change the permissions of the file? what is the command that you use? what is the error that you get?
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Reply
joseph wholey
Regular Advisor

‎09-25-2006 10:37 AM

‎09-25-2006 10:37 AM

Re: sgid question (really scratching my head!!!!)

Ivan... thanks for your help. It was an oversight. sorry!!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.