Re: odd chown difference between 2.0 and 2.1pre kernels

Tom Eastep (eastep@loc1.tandem.com)
Tue, 12 Jan 1999 16:27:05 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Erik Corry: "Re: Kernel Threads: Dr. Russinovich's response"
Previous message: christophe.leroy5@capway.com: "Re: US relaxes crypto restrictions?"
Maybe in reply to: Joey Hess: "odd chown difference between 2.0 and 2.1pre kernels"

"Stephen C. Tweedie" wrote:
>
> Hi,
>
> On Mon, 11 Jan 1999 15:40:02 +0000 (GMT), alan@lxorguk.ukuu.org.uk
> (Alan Cox) said:
>
> >> In message <19990109215152.C32046@kitenet.net>, Joey Hess writes:
>
> >> GAK!!! Security flaw here, methinks. chown should unconditionally clear
> >> setuid and setgid.
>
> > Except when done by root
>
> Is there any consensus on this? According to singleunix, suid and
> sgid on regular files get cleared unconditionally except when the
> caller has "appropriate privileges", but in that case the behaviour is
> implementation-defined. What do other unixen do in this case?

Solaris 2.5.1 retains suid and sgid...

# chmod g+x blub
# ls -l blub
-rw-rwxr-- 1 root other 0 Jan 12 08:23 blub
# chmod +x blub
# chmod +s blub
# ls -l blub
-rwsrwsr-- 1 root other 0 Jan 12 08:23 blub
# chown eastep blub
# ls -l blub
-rwsrwsr-- 1 eastep other 0 Jan 12 08:23 blub
# uname -a
SunOS eastep-5 5.5.1 Generic sun4m sparc SUNW,SPARCstation-20
#

-Tom

-- Tom Eastep Compaq Computer Corporation Enterprise Computing Group Tandem Division tom.eastep@compaq.com

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Erik Corry: "Re: Kernel Threads: Dr. Russinovich's response"
Previous message: christophe.leroy5@capway.com: "Re: US relaxes crypto restrictions?"
Maybe in reply to: Joey Hess: "odd chown difference between 2.0 and 2.1pre kernels"