Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

os.Mkdir is not setting setuid and/or setgid bits #40289

Closed
tteeoo opened this issue Jul 19, 2020 · 4 comments
Closed

os.Mkdir is not setting setuid and/or setgid bits #40289

tteeoo opened this issue Jul 19, 2020 · 4 comments
Labels
FrozenDueToAge

Comments

@tteeoo
Copy link

tteeoo commented Jul 19, 2020

What version of Go are you using (go version)?

$ go version
go version go1.14.5 linux/amd64

Does this issue reproduce with the latest release?

Yes, I also tested with go 1.14.6 linux/amd64

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/theo/.cache/go-build"
GOENV="/home/theo/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/theo/dev/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/theo/dev/repos/ubsu/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build371835464=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I tried using os.Mkdir with an os.FileMode that should result in the suid bit being set for the directory.

package main

import "os"

func main() {
	os.Mkdir("testdir", 0755 | os.ModeSetuid)
	// os.Chmod("testdir", 0755 | os.ModeSetuid)
}

I expected the resulting directory to have the setuid bit set when running ls -l in my shell, but to no avail.

Note that when uncommenting the last line of the program, os.Chmod properly sets the setuid bit for the directory.

Am I missing something here; perhaps this is a dumb question? What's with this behavior?
@tteeoo
Copy link
Author

tteeoo commented Jul 19, 2020

Forgot to mention in the body: the same thing happens with os.ModeSetgid and the setgid bit.

@tteeoo tteeoo changed the title os.Mkdir set setting suid and/or guid bits os.Mkdir is not setting setuid and/or setgid bits Jul 19, 2020
@ulikunitz
Copy link
Contributor

The mkdir syscall cannot set the S_ISUID bit.

Here is the relevant sentence from the Linux mkdir manual:

It is modified by the process's umask in the usual way: in the absence of a default ACL, the
mode of the created directory is (mode & ~umask & 0777).

The mask 0777 removes the S_ISUID bit.

@ulikunitz
Copy link
Contributor

Mask 0777 excludes the S_IGUID as well. I suggest to extend the documentation of os.Mkdir.

@tteeoo
Copy link
Author

tteeoo commented Jul 19, 2020

Ok, thanks for the clarification.

@tteeoo tteeoo closed this as completed Jul 19, 2020
@golang golang locked and limited conversation to collaborators Jul 19, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ulikunitz @gopherbot @tteeoo