From c931d11d3fc12ba491ad39463aa11df49dc1f688 Mon Sep 17 00:00:00 2001 From: julian Date: Thu, 13 Nov 1997 00:28:51 +0000 Subject: Reviewed by: hackers@freebsd.org in general Obtained from: Whistle Communications tree Add an option to the way UFS works dependent on the SUID bit of directories This changes makes things a whole lot simpler on systems running as fileservers for PCs and MACS. to enable the new code you must 1/ enable option SUIDDIR on the kernel. 2/ mount the filesystem with option suiddir. hopefully this makes it difficult enough for people to do this accidentally. see the new chmod(2) man page for detailed info. --- sbin/mount/mntopts.h | 4 +++- sbin/mount/mount.8 | 18 +++++++++++++++++- sbin/mount/mount.c | 3 ++- sbin/mount_ifs/mntopts.h | 4 +++- sbin/mount_ifs/mount.8 | 18 +++++++++++++++++- sbin/mount_ifs/mount.c | 3 ++- 6 files changed, 44 insertions(+), 6 deletions(-) (limited to 'sbin') diff --git a/sbin/mount/mntopts.h b/sbin/mount/mntopts.h index 5175070..d9402cf 100644 --- a/sbin/mount/mntopts.h +++ b/sbin/mount/mntopts.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)mntopts.h 8.7 (Berkeley) 3/29/95 - * $Id: mntopts.h,v 1.10 1997/08/25 21:02:21 bde Exp $ + * $Id: mntopts.h,v 1.11 1997/09/27 13:44:08 kato Exp $ */ struct mntopt { @@ -54,6 +54,7 @@ struct mntopt { #define MOPT_GROUPQUOTA { "groupquota", 0, 0, 0 } #define MOPT_NOCLUSTERR { "clusterr", 1, MNT_NOCLUSTERR, 0 } #define MOPT_NOCLUSTERW { "clusterw", 1, MNT_NOCLUSTERW, 0 } +#define MOPT_SUIDDIR { "suiddir", 0, MNT_SUIDDIR, 0 } /* Control flags. */ #define MOPT_FORCE { "force", 0, MNT_FORCE, 0 } @@ -77,6 +78,7 @@ struct mntopt { MOPT_NOATIME, \ MOPT_NODEV, \ MOPT_NOEXEC, \ + MOPT_SUIDDIR, /* must be before MOPT_NOSUID */ \ MOPT_NOSUID, \ MOPT_RDONLY, \ MOPT_UNION, \ diff --git a/sbin/mount/mount.8 b/sbin/mount/mount.8 index bda4ad1..4998b4a 100644 --- a/sbin/mount/mount.8 +++ b/sbin/mount/mount.8 
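Review bot: MNT_SUIDDIR is referenced by the new MOPT_SUIDDIR entry but nothing in this diff defines it, so the sbin build now depends on a <sys/mount.h> that carries the flag from the matching kernel change; if the userland and kernel trees are updated separately this header stops compiling. The same entry is added verbatim to sbin/mount_ifs/mntopts.h (identical blob ids in both file headers), so the two copies have to be kept in step. Since the mount.8 text in this commit says only UFS honours the option and the kernel needs option SUIDDIR, I would record that next to the define: `#define MOPT_SUIDDIR { "suiddir", 0, MNT_SUIDDIR, 0 } /* UFS only; needs kernel option SUIDDIR */`.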
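Review bot: The comment on the new MOPT_STDOPTS line states the ordering constraint without its reason, so a later reorder of the list would silently break it; presumably getmntopts compares the user's option string against each table entry in order and by prefix, so the "suid" name behind MOPT_NOSUID would capture "suiddir" first and toggle MNT_NOSUID instead of MNT_SUIDDIR — that should be confirmed against getmntopts.c, which is outside this diff. I would write `MOPT_SUIDDIR, /* before MOPT_NOSUID: "suid" is a prefix of "suiddir" and the table is scanned in order */ \`. Placing the option in MOPT_STDOPTS also makes every mount_* program built on this list accept suiddir, while the manual page in the same commit says only UFS implements it, so users of other filesystems get no diagnostic. The same hunk appears in sbin/mount_ifs/mntopts.h and needs the same comment.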
@@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)mount.8 8.8 (Berkeley) 6/16/94 -.\" $Id: mount.8,v 1.18 1997/08/24 21:02:48 steve Exp $ +.\" $Id: mount.8,v 1.19 1997/09/27 13:44:12 kato Exp $ .\" .Dd June 16, 1994 .Dt MOUNT 8 @@ -154,6 +154,22 @@ mount the file system read-only (even the super-user may not write it). All .Tn I/O to the file system should be done synchronously. +.It suiddir +A directory on the mounted filesystem will respond to the SUID bit +being set, by setting the owner of any new files to be the same +as the owner of the directory. +New directories will inherit the bit from their parents. +Execute bits are removed from +the file, and it will not be given to root. +.Pp +This feature is designed for use on fileservers serving PC users via +ftp, SAMBA, or netatalk. It provides security holes for shell users and as +such should not be used on shell machines, especially on home directories. +This option requires the SUIDDIR +option in the kernel to work. Only UFS filesystems support this option. +See +.Xr chmod 2 +for more information. .It update The same as .Fl u ; diff --git a/sbin/mount/mount.c b/sbin/mount/mount.c index c9b23ac..9c28f2e 100644 --- a/sbin/mount/mount.c +++ b/sbin/mount/mount.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)mount.c 8.25 (Berkeley) 5/8/95"; #else static const char rcsid[] = - "$Id: mount.c,v 1.19 1997/08/24 21:02:49 steve Exp $"; + "$Id: mount.c,v 1.20 1997/09/27 13:44:17 kato Exp $"; #endif #endif /* not lint */ @@ -97,6 +97,7 @@ static struct opt { { MNT_UNION, "union" }, { MNT_NOCLUSTERR, "noclusterr" }, { MNT_NOCLUSTERW, "noclusterw" }, + { MNT_SUIDDIR, "suiddir" }, { NULL } }; diff --git a/sbin/mount_ifs/mntopts.h b/sbin/mount_ifs/mntopts.h index 5175070..d9402cf 100644 --- a/sbin/mount_ifs/mntopts.h +++ b/sbin/mount_ifs/mntopts.h 
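Review bot: The new `{ MNT_SUIDDIR, "suiddir" }` row maps a flag to a printable name, so the ordering caveat that mntopts.h attaches to the same option does not apply here, and a short comment would stop someone from "fixing" the position to match: `{ MNT_SUIDDIR, "suiddir" }, /* flag-to-name only; order does not matter here */`. This table looks like the one used when mount lists the options of mounted filesystems (its consumers are outside the hunk), which is the right place for the option given that mount.8 in this commit warns it opens holes for shell users — operators can then see at a glance which filesystems have it set. The identical row is added in the last hunk of the diff, sbin/mount_ifs/mount.c, and the same comment applies there.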
@@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)mntopts.h 8.7 (Berkeley) 3/29/95 - * $Id: mntopts.h,v 1.10 1997/08/25 21:02:21 bde Exp $ + * $Id: mntopts.h,v 1.11 1997/09/27 13:44:08 kato Exp $ */ struct mntopt { @@ -54,6 +54,7 @@ struct mntopt { #define MOPT_GROUPQUOTA { "groupquota", 0, 0, 0 } #define MOPT_NOCLUSTERR { "clusterr", 1, MNT_NOCLUSTERR, 0 } #define MOPT_NOCLUSTERW { "clusterw", 1, MNT_NOCLUSTERW, 0 } +#define MOPT_SUIDDIR { "suiddir", 0, MNT_SUIDDIR, 0 } /* Control flags. */ #define MOPT_FORCE { "force", 0, MNT_FORCE, 0 } @@ -77,6 +78,7 @@ struct mntopt { MOPT_NOATIME, \ MOPT_NODEV, \ MOPT_NOEXEC, \ + MOPT_SUIDDIR, /* must be before MOPT_NOSUID */ \ MOPT_NOSUID, \ MOPT_RDONLY, \ MOPT_UNION, \ diff --git a/sbin/mount_ifs/mount.8 b/sbin/mount_ifs/mount.8 index bda4ad1..4998b4a 100644 --- a/sbin/mount_ifs/mount.8 +++ b/sbin/mount_ifs/mount.8 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)mount.8 8.8 (Berkeley) 6/16/94 -.\" $Id: mount.8,v 1.18 1997/08/24 21:02:48 steve Exp $ +.\" $Id: mount.8,v 1.19 1997/09/27 13:44:12 kato Exp $ .\" .Dd June 16, 1994 .Dt MOUNT 8 @@ -154,6 +154,22 @@ mount the file system read-only (even the super-user may not write it). All .Tn I/O to the file system should be done synchronously. +.It suiddir +A directory on the mounted filesystem will respond to the SUID bit +being set, by setting the owner of any new files to be the same +as the owner of the directory. +New directories will inherit the bit from their parents. +Execute bits are removed from +the file, and it will not be given to root. +.Pp +This feature is designed for use on fileservers serving PC users via +ftp, SAMBA, or netatalk. It provides security holes for shell users and as +such should not be used on shell machines, especially on home directories. +This option requires the SUIDDIR +option in the kernel to work. Only UFS filesystems support this option. +See +.Xr chmod 2 +for more information. .It update The same as .Fl u ; 
diff --git a/sbin/mount_ifs/mount.c b/sbin/mount_ifs/mount.c index c9b23ac..9c28f2e 100644 --- a/sbin/mount_ifs/mount.c +++ b/sbin/mount_ifs/mount.c @@ -42,7 +42,7 @@ static const char copyright[] = static char sccsid[] = "@(#)mount.c 8.25 (Berkeley) 5/8/95"; #else static const char rcsid[] = - "$Id: mount.c,v 1.19 1997/08/24 21:02:49 steve Exp $"; + "$Id: mount.c,v 1.20 1997/09/27 13:44:17 kato Exp $"; #endif #endif /* not lint */ @@ -97,6 +97,7 @@ static struct opt { { MNT_UNION, "union" }, { MNT_NOCLUSTERR, "noclusterr" }, { MNT_NOCLUSTERW, "noclusterw" }, + { MNT_SUIDDIR, "suiddir" }, { NULL } }; -- cgit v1.1