Re: again security proposal

Aaron M. Ucko (amu@mit.edu)
30 Dec 1997 11:32:51 -0600


"Alexander V. Lukyanov" <lav@video.yars.free.net> writes:

> > As somebody already mentioned:
> >
> > find / -uid [olduid] | xargs chown [newuid]
> >
> > is the Right Thing to do here. Think about it.
>
> This is _almost_ the Right Thing. The following is more correct:
>
> find / -uid [olduid] ! -type l -print0 | xargs -0r chown [newuid]
>
> but think about it, there is a race condition here. What if the user

Oh, right....but the administrator should probably be doing that in
single-user mode anyway so that other things don't break when the
user's uid changes under them.

Alternatively, someone could write a program to safely chown almost
all the user's files with readdir(), fstat(), and fchown(). (It could
still run into the opposite race condition, which is why the system
should be in single-user mode for this.)

-- 
Aaron M. Ucko <amu@mit.edu> (finger amu@monk.mit.edu) [Stark raving sane]
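
One way to write the readdir()/fstat()/fchown() tool described in the message above, as an added example that is not code from the original post or its author. Each entry is opened with openat() and O_NOFOLLOW, and the ownership check and the change are both made on that one descriptor; the names rechown_tree and rechown_fd are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: re-own entries below directory fd dfd. Takes over dfd
   (closedir() closes it). Returns the number of inodes changed, -1 on error. */
static long rechown_fd(int dfd, uid_t olduid, uid_t newuid)
{
    DIR *d = fdopendir(dfd);
    if (!d) { close(dfd); return -1; }
    long n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        /* O_NOFOLLOW: a symlink here makes openat() fail instead of being
           followed. O_NONBLOCK: do not hang on a FIFO or device. */
        int fd = openat(dirfd(d), e->d_name, O_RDONLY|O_NOFOLLOW|O_NONBLOCK|O_NOCTTY);
        if (fd < 0) continue;        /* symlink, vanished or unopenable: skipped */
        struct stat st;
        if (fstat(fd, &st) == 0) {
            /* Check and change hit the same open inode; no path is re-resolved. */
            if (st.st_uid == olduid && fchown(fd, newuid, (gid_t)-1) == 0) n++;
            if (S_ISDIR(st.st_mode)) {
                long sub = rechown_fd(fd, olduid, newuid);   /* closes fd */
                if (sub > 0) n += sub;
                continue;
            }
        }
        close(fd);
    }
    closedir(d);
    return n;
}

/* Hypothetical entry point: re-own root itself and everything below it. */
long rechown_tree(const char *root, uid_t olduid, uid_t newuid)
{
    int fd = open(root, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0) return -1;
    struct stat st;
    long n = 0;
    if (fstat(fd, &st) == 0 && st.st_uid == olduid &&
        fchown(fd, newuid, (gid_t)-1) == 0) n++;
    long sub = rechown_fd(fd, olduid, newuid);
    return sub < 0 ? -1 : n + sub;
}
```

Symlinks and entries that cannot be opened keep their old owner, which is the "almost all" in the message. A directory renamed elsewhere during the walk is still descended into, so the single-user-mode advice still applies.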