Page 1 of 1

SGID set on a file prevents FTP overwriting

Posted: 2009/01/25 06:01:28
by havefun
Hello,

I recently applied a kernel update to a CentOS 4 installation, and ran into an issue where if the SGID bit is set on a file, I can not overwrite the file using FTP, logged in as an authenticated user. I can rename, and delete said file using FTP, logged in as an authenticated user.

To explain further, all files in /var/www/html are owned by apache:webdev, and are chmod 2570. I have a script that runs periodically, and resets all files to these permissions. Before applying the updates, I was able to overwrite files without any issue.
If I change the files to 0570, I am able to overwrite without issue. I am logging in as an authenticated user, that is part of the webdev group. FTP umask is 022.

I have duplicated this using vsftpd 2.0.1-5.EL4.5 and proftpd1.3.0-5.1.el4

kernel is 2.6.9-78.0.13.plus.c4s. Previous to the updates, I was running 2.6.9-55.0.6.plus.c4.

If I revert back to the old kernel, the issue goes away.

Looking for some insight as to what might be causing this?

Regards