Re: odd chown difference between 2.0 and 2.1pre kernels

Petri Kaukasoina (kaukasoi@elektroni.ee.tut.fi)
Tue, 12 Jan 1999 18:43:46 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ulrich Drepper: "Re: UID width"
Previous message: Christopher W. Curtis: "2.2.0-pre6 VM slow?"
In reply to: Jamie Lokier: "Re: (My) SMP lameness?"
Next in thread: Alan Cox: "Re: odd chown difference between 2.0 and 2.1pre kernels"

On Tue, Jan 12, 1999 at 02:51:32PM +0000, Stephen C. Tweedie wrote:

> On Mon, 11 Jan 1999 15:40:02 +0000 (GMT), alan@lxorguk.ukuu.org.uk
> (Alan Cox) said:
>
> >> In message <19990109215152.C32046@kitenet.net>, Joey Hess writes:
>
> >> GAK!!! Security flaw here, methinks. chown should unconditionally clear
> >> setuid and setgid.
>
> > Except when done by root
>
> Is there any consensus on this? According to singleunix, suid and
> sgid on regular files get cleared unconditionally except when the
> caller has "appropriate privileges", but in that case the behaviour is
> implementation-defined. What do other unixen do in this case?

In SunOS 5.5 and Digital Unix V4.0 the suid and sgid were not cleared if
root changed the file owner or group. But if non-root changes the file group
then both suid and sgid were cleared. I tried it with chown(1) and chgrp(1).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ulrich Drepper: "Re: UID width"
Previous message: Christopher W. Curtis: "2.2.0-pre6 VM slow?"
In reply to: Jamie Lokier: "Re: (My) SMP lameness?"
Next in thread: Alan Cox: "Re: odd chown difference between 2.0 and 2.1pre kernels"