3

Bach states the following:

mkdir is a typical setuid program. Only a process with Effective UID root can create a folder. (Section 7.6, Page 229)

I checked the permissions on it on Ubuntu 12.04, the setuid bit isn't set.

-rwxr-xr-x 1 root root 42624 Oct  2 08:55 mkdir
   ^??

Then I checked other programs which are supposed to have this set, like ping and su and they have it set. 

-rwsr-xr-x 1 root root 34740 Nov  8  2011 ping
   ^---there it is

So, how does mkdir work? Have things changed since Bach wrote that?

Anirudh Ramanathan
  • 753
  • 1
  • 8
  • 16
  • That may be the case, but it isn't a programming question either. – Hasturkun Dec 16 '12 at 17:20
  • 1
    IIRC, at the time Bach wrote that, there were no separate system calls for directories, open() and read() and write() worked also for directory inodes. With possible diasastrous effects. –  Dec 16 '12 at 17:46

3 Answers3

5

The mkdir() call has been around since BSD 4.2. It was later added to SYSV 3.0. See: http://pubs.opengroup.org/onlinepubs/9699919799/functions/mkdir.html

BSD 4.2 came out in 1984: http://www.unix.org/what_is_unix/history_timeline.html

If access to a kernel mode entry point in UNIX via a syscall is permitted from user mode without restriction, what duskwuff indicates, then setuid is not required.

jim mcnamara
  • 867
  • 1
  • 6
  • 7
  • Wow, thanks for the links, and the timeline. The older version of mkdir.c you have linked doesn't seem to make the `setuid()` system call. Is it definitely the right one? – Anirudh Ramanathan Dec 16 '12 at 17:56
  • 1
    That version of mkdir was relatively modern -- it uses `mkdir()`. –  Dec 16 '12 at 22:39
3

It's no longer necessary to have root privileges to create a folder. There's now instead a mkdir() system call which any process can use to create a directory.

1

Have things changed since Bach wrote that?

Exactly. The permission to create a directory is nowadays based on the write permission to the parent directory or the t bit (for /tmp-like directories where everybody can create a directory but you can only delete files owned by you).

Jens
  • 597
  • 7
  • 23
  • I agree, but this is regarding permissions on the mkdir executable, not the destination folder. – Anirudh Ramanathan Dec 16 '12 at 17:39
  • Well, this is exactly what has changed. The permission check hash moved from checking the mkdir executable's setuid bit to the parent dirs write bit for the effective user. – Jens Dec 16 '12 at 17:42