Re: odd chown difference between 2.0 and 2.1pre kernels

Alan Cox (alan@lxorguk.ukuu.org.uk)
Tue, 12 Jan 1999 17:21:58 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Joseph Anthony: "Re: Results: Zlatko's new vm patch"
Previous message: Alan Cox: "Re: User mode Virt -> Phys"
In reply to: Jamie Lokier: "Re: (My) SMP lameness?"

> On Mon, 11 Jan 1999 15:40:02 +0000 (GMT), alan@lxorguk.ukuu.org.uk
> (Alan Cox) said:
>
> >> In message <19990109215152.C32046@kitenet.net>, Joey Hess writes:
>
> >> GAK!!! Security flaw here, methinks. chown should unconditionally clear
> >> setuid and setgid.
>
> > Except when done by root
>
> Is there any consensus on this? According to singleunix, suid and
> sgid on regular files get cleared unconditionally except when the
> caller has "appropriate privileges", but in that case the behaviour is
> implementation-defined. What do other unixen do in this case?

Everything I tested does the same thing (even Irix for once). They all
don't drop them as root.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joseph Anthony: "Re: Results: Zlatko's new vm patch"
Previous message: Alan Cox: "Re: User mode Virt -> Phys"
In reply to: Jamie Lokier: "Re: (My) SMP lameness?"