[Cyberduck-trac] [Cyberduck] #4387: permissions for directories either lack "executable" or SGID bit.

Cyberduck trac at trac.cyberduck.ch
Sun Apr 11 09:27:18 CEST 2010 

#4387: permissions for directories either lack "executable" or SGID bit.
-------------------------------------------------+--------------------------
 Reporter:  JensP                                |        Owner:  dkocher      
     Type:  defect                               |       Status:  closed       
 Priority:  normal                               |    Milestone:               
Component:  sftp                                 |      Version:  3.4.2        
 Severity:  critical                             |   Resolution:  worksforme   
 Keywords:  directory permissions sftp scp SGID  |     Platform:  Mac OS X 10.6
-------------------------------------------------+--------------------------
Changes (by dkocher):

  * status:  new => closed
  * resolution:  => worksforme


Old description:

> Hi,
>
> first of all: Thank you for this great tool. However, there is one major
> annoyance that keeps me from actually using it in a productive
> environment.
>
> When creating new directories using SCP or SFTP mode, the created
> directories do take the SGID bit into account but set directories without
> executyble bit, resulting in access permission problems when uploading
> files into those directories.
>
> Example:
>
> drwxrws--- 2 user group 4.0K 2010-04-10 21:37 folder
> ~/ $ cd folder
> ~/folder $ mkdir example
> ~/folder $ ls -l
> $ drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
>
> now I create a subfolder "cyber" with cyberduck and "ls" again.
>
> drw-rwS--- 2 user group 4.0K 2010-04-10 21:38 cyber
> drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
>
> As you can see, the SGID bit is there, but the directory is created
> without "x" bit for either group or user. Setting the permissions in the
> settings, however, results in the SGID bit being ignored:
>
> ~/folder $ ls -l
> drw-rwS--- 2 user group 4.0K 2010-04-10 21:38 cyber
> drwxrwx--- 2 user group 4096 2010-04-10 22:27 cybex
> drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
>
> This leads to serious access permission problems in shared environments
> where group settings matter.
>
> How is the creation of new directories handled to explain this behaviour?
> Using command line ssh access and the "mkdir" command results in correct
> permissions for the tested users.
>
> I would greatly appreciate any help.
>
> Cheers
>
> JensP

New description:

 Hi,

 first of all: Thank you for this great tool. However, there is one major
 annoyance that keeps me from actually using it in a productive
 environment.

 When creating new directories using SCP or SFTP mode, the created
 directories do take the SGID bit into account but set directories without
 executyble bit, resulting in access permission problems when uploading
 files into those directories.

 Example:


 {{{
 drwxrws--- 2 user group 4.0K 2010-04-10 21:37 folder
 ~/ $ cd folder
 ~/folder $ mkdir example
 ~/folder $ ls -l
 $ drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
 }}}


 now I create a subfolder "cyber" with cyberduck and "ls" again.


 {{{
 drw-rwS--- 2 user group 4.0K 2010-04-10 21:38 cyber
 drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
 }}}


 As you can see, the SGID bit is there, but the directory is created
 without "x" bit for either group or user. Setting the permissions in the
 settings, however, results in the SGID bit being ignored:


 {{{
 ~/folder $ ls -l
 drw-rwS--- 2 user group 4.0K 2010-04-10 21:38 cyber
 drwxrwx--- 2 user group 4096 2010-04-10 22:27 cybex
 drwxrws--- 2 user group 4.0K 2010-04-10 21:38 example
 }}}


 This leads to serious access permission problems in shared environments
 where group settings matter.

 How is the creation of new directories handled to explain this behaviour?
 Using command line ssh access and the "mkdir" command results in correct
 permissions for the tested users.

 I would greatly appreciate any help.

 Cheers

 JensP

--

Comment:

 Creating directories over SFTP will use the permissions set in
 ''Preferences → Transfer → Permissions → for Folders''. Please double
 check your setting there (even if you have choosen to use the permissions
 from the local file when uploading, the other disabled setting still
 applies for making new folders over SFTP).

-- 
Ticket URL: <http://trac.cyberduck.ch/ticket/4387#comment:1>
Cyberduck <http://cyberduck.ch>
FTP, SFTP, WebDAV, Cloud Files and Amazon S3 Browser for Mac OS X.

More information about the Cyberduck-trac mailing list