Re: odd chown difference between 2.0 and 2.1pre kernels

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Alan Cox: "Re: User mode Virt -> Phys"
• Previous message: Al Youngwerth: "Update: 2.0 kernels, tulip driver, crashes and reboots (long)"

> In article <cistron.199901110125.UAA24076@rushlight.kf8nh.apk.net>,
> Brandon S. Allbery KF8NH <allbery@kf8nh.apk.net> wrote:
> >In message <19990109215152.C32046@kitenet.net>, Joey Hess writes:
> >+-----
> >| On a 2.1pre4 machine:
> >| root@kite:~>ls -l foo
> >| -rwsrw-r-- 1 root joey 0 Jan 9 17:13 foo*
> >| root@kite:~> chown root.root foo; ls -l foo
> >| -rwsrw-r-- 1 root root 0 Jan 9 17:13 foo*
> >+--->8
> >
> >GAK!!! Security flaw here, methinks. chown should unconditionally clear
> >setuid and setgid.
>

Forgive my stupidity, but under 2.0.x i always considered the setuid loss
on chown a flaw. I, personally, feel it should keep the setuid bit. If
you're chowning something YOU own, setuid'd to you, why take the bit off??
Am I missing something trivial here?

-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
admin@intergrafix.net Intergrafix Internet Services

"The best way to predict the future, is to invent it."
http://cygnus.ncohafmuta.com http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Alan Cox: "Re: User mode Virt -> Phys"
• Previous message: Al Youngwerth: "Update: 2.0 kernels, tulip driver, crashes and reboots (long)"