作为Node的回答的后续内容,我将在FreeBSD man页面中发布以下mount(8):
suiddir
A directory on the mounted file system will respond to
the SUID bit being set, by setting the owner of any new
files to be the same as the owner of the directory. New
directories will inherit the bit from their parents.
Execute bits are removed from the file, and it will not
be given to root.
This feature is designed for use on fileservers serving
PC users via ftp, SAMBA, or netatalk. It provides secu-
rity holes for shell users and as such should not be used
on shell machines, especially on home directories. This
option requires the SUIDDIR option in the kernel to work.
Only UFS file systems support this option. See chmod(2)
for more information.
和chmod(2)手册页部分引用了suid位:
4000 (the setuid bit). Executable files with this bit set will
run with effective uid set to the uid of the file owner.
Directories with this bit set will force all files and sub-
directories created in them to be owned by the directory
owner and not by the uid of the creating process, if the
underlying file system supports this feature: see chmod(2)
and the suiddir option to mount(8).
请注意,这是一个安全风险,并且知道在启用它时你正在做什么,在FreeBSD中,但我相信Linux也需要启用特殊的mount标志,并且会改变该目录中文件的行为方式.
| 归档时间: |
|
| 查看次数: |
1390 次 |
| 最近记录: |