Xref: utzoo comp.unix.questions:6306 comp.unix.wizards:7433
Path: utzoo!mnetor!uunet!husc6!cmcl2!phri!manhat!mancol!marob!samperi
From: samperi@marob.MASA.COM (Dominick Samperi)
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: Re: mkdir and access(2)
Message-ID: <265@marob.MASA.COM>
Date: 28 Mar 88 15:07:52 GMT
References: <59@vsi.UUCP> <1056@stratus.UUCP> <70@vsi.UUCP> <305@wsccs.UUCP> <368@wsccs.UUCP> <10811@mimsy.UUCP> <4190@chinet.UUCP>
Reply-To: samperi@marob.UUCP (Dominick Samperi)
Distribution: comp
Organization: 18th Street Construction Co NY NY
Lines: 32
Keywords: access(2), permissions, setuid/setgid
Summary: new mkdir for remote cpio

In article <4190@chinet.UUCP> les@chinet.UUCP (Leslie Mikesell) writes:
|>Real-life example:
|>I have a subdirectory tree that I need to duplicate on another machine
|>via uucp.  To save transmission time, I like to use:
|>find . -print |cpio -oc |compress | uux - "remote!unpackit"
|>  where remote is the machine name and unpackit is a shell script
|>  that goes to the right place and runs zcat|cpio -imd on its input.
|>
|>Now, one would think that these files and directories would be owned
|>by uucp since uuxqt is setuid to uucp.  However, if the particular
|>run of uucico that delivered the batch was started by a user on the
|>remote machine, guess who owns the newly created directories...
|>Cpio uses system(mkdir) which gives the directory to the real
|>user which happens to be the one who originally started the process
|>(even in SysVr3 where it doesn't have to!).  Even if the first
|>run operates as uucp (due to our system logging in to deliver the
|>file) later attempts may fail due to incorrect permissions when
|>creating a new dirctory.
|>  -Les
|>             ...ihnp4!chinet!les

This is precisely the problem that motivated me to write the (slightly)
enhanced version of mkdir that I recently posted to comp.unix.wizards. It
has a -g flag which causes mkdir to use the process EFFECTIVE group id
when it makes directories. You will have to modify cpio so that it
calls mkdir with the -g flag, and so that it always gives rwx access to
a particular group, like uucpio.
-- 
Dominick Samperi, Manhattan College, NYC
    manhat!samperi@NYU.EDU           ihnp4!rutgers!nyu.edu!manhat!samperi
    philabs!cmcl2!manhat!samperi     ihnp4!rutgers!hombre!samperi
              (^ that's an ell)      uunet!swlabs!mancol!samperi