Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

os.Mkdir is not setting setuid and/or setgid bits #40289

Closed
tteeoo opened this issue Jul 19, 2020 · 4 comments
Closed

os.Mkdir is not setting setuid and/or setgid bits #40289

tteeoo opened this issue Jul 19, 2020 · 4 comments

Comments

@tteeoo
Copy link

@tteeoo tteeoo commented Jul 19, 2020

What version of Go are you using (go version)?

$ go version
go version go1.14.5 linux/amd64

Does this issue reproduce with the latest release?

Yes, I also tested with go 1.14.6 linux/amd64

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/theo/.cache/go-build"
GOENV="/home/theo/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/theo/dev/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/theo/dev/repos/ubsu/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build371835464=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I tried using os.Mkdir with an os.FileMode that should result in the suid bit being set for the directory.

package main

import "os"

func main() {
	os.Mkdir("testdir", 0755 | os.ModeSetuid)
	// os.Chmod("testdir", 0755 | os.ModeSetuid)
}

I expected the resulting directory to have the setuid bit set when running ls -l in my shell, but to no avail.

Note that when uncommenting the last line of the program, os.Chmod properly sets the setuid bit for the directory.

Am I missing something here; perhaps this is a dumb question? What's with this behavior?

@tteeoo
Copy link
Author

@tteeoo tteeoo commented Jul 19, 2020

Forgot to mention in the body: the same thing happens with os.ModeSetgid and the setgid bit.

@tteeoo tteeoo changed the title os.Mkdir set setting suid and/or guid bits os.Mkdir is not setting setuid and/or setgid bits Jul 19, 2020
@ulikunitz
Copy link
Contributor

@ulikunitz ulikunitz commented Jul 19, 2020

The mkdir syscall cannot set the S_ISUID bit.

Here is the relevant sentence from the Linux mkdir manual:

It is modified by the process's umask in the usual way: in the absence of a default ACL, the
mode of the created directory is (mode & ~umask & 0777).

The mask 0777 removes the S_ISUID bit.

@ulikunitz
Copy link
Contributor

@ulikunitz ulikunitz commented Jul 19, 2020

Mask 0777 excludes the S_IGUID as well. I suggest to extend the documentation of os.Mkdir.

@tteeoo
Copy link
Author

@tteeoo tteeoo commented Jul 19, 2020

Ok, thanks for the clarification.

@tteeoo tteeoo closed this Jul 19, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.