Re: odd chown difference between 2.0 and 2.1pre kernels

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 11 Jan 1999 15:40:02 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Peter T. Breuer: "semaphore"
Previous message: Michel Catudal: "Re: Accents bug in kernel 2.2.0pre5"
In reply to: Soeren Todt: "who beats you to release 2.2.0 so early?"
Next in thread: Miquel van Smoorenburg: "Re: odd chown difference between 2.0 and 2.1pre kernels"

> In message <19990109215152.C32046@kitenet.net>, Joey Hess writes:
> +-----
> | On a 2.1pre4 machine:
> | root@kite:~>ls -l foo
> | -rwsrw-r-- 1 root joey 0 Jan 9 17:13 foo*
> | root@kite:~> chown root.root foo; ls -l foo
> | -rwsrw-r-- 1 root root 0 Jan 9 17:13 foo*
> +--->8
>
> GAK!!! Security flaw here, methinks. chown should unconditionally clear
> setuid and setgid.

Except when done by root

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter T. Breuer: "semaphore"
Previous message: Michel Catudal: "Re: Accents bug in kernel 2.2.0pre5"
In reply to: Soeren Todt: "who beats you to release 2.2.0 so early?"
Next in thread: Miquel van Smoorenburg: "Re: odd chown difference between 2.0 and 2.1pre kernels"