Newsgroups: comp.sys.sequent
Path: utzoo!utgpu!watserv1!mach2!idavis
From: idavis@mach2.WLU.CA (Ian Davis)
Subject: Set effective group id behaviour on Sequent
Message-ID: <1991Jun12.192831.12177@mach2.wlu.ca>
Sender: idavis@mach2.wlu.ca (Ian Davis)
Organization: Wilfrid Laurier University
Distribution: na
Date: Wed, 12 Jun 91 19:28:31 GMT
Lines: 33

It was my belief that if a C program created new files these files would
automatically be assigned the effective user and group id of the executing 
program.  I.e., if the set gid bit is set on the executable code, then files
created by this code would belong to the same group as that associated with
this code.  This appears to be the case on AT&T UNIX.  However under
''DYNIX(R) V3.0.17.9  Sun Jan  7 03:03:31 PST 1990'' I find that such output
files appear to be assigned the real user id of the invoking user instead.
Am I correct, and would others consider this a bug, or a feature?

Given this behaviour, how can a program change the attributes of a file that
it has created to reflect this program's effective rather than real group id?
Using chown(file_name,-1,getegid()) merely results in an error return code,
since the invoker does not have superuser permissions.  I do not wish to
change the effective user id of the software which creates these databases
to root, because of the security implications.  Apart from anything else
a malicious user could create hundreds of database files anywhere they
wanted.

My reason for wanting to change the group id of created files is so that
authorised database software has unrestricted access to databases which are
created, since they run under this same effective group id, but end users
have no direct ability to read, update or delete these databases, unless
they are identified as owning them.

Thanks for any reply..

Dr. Ian Davis                                  Net Address: idavis@mach2.WLU.CA
Computing Services                              Local Mail: P4-2, Main Campus 
Wilfrid Laurier University, Waterloo, Ontario    Telephone: (519)884-1970 x2764
