setperms on linux

Fairlight fairlite at fairlite.com
Wed Apr 12 23:12:24 PDT 2006


On Wed, Apr 12, 2006 at 11:11:03PM -0400, J. P. Radley may or may not have
proven themselves an utter git by pronouncing:
> From the 'man chown' page on SCO OSR 6.0.0:
> 
>    Use of this utility is governed by the chown kernel privilege.
>    Restricted chown is required for NIST FIPS 151-1 conformance.
> 
>    If you have chown kernel privilege, you can change the owner and group
>    of files that you initially own. If you do not have chown privilege,
>    you cannot change the ownership of files; you can change their group,
>    but only if the files are initially owned by you, and the new group is
>    your effective group ID or is listed in your supplemental group list.

Then I suggest you try it on Bob's machine, JP.  That's where I was allowed
to do it.  Same when it was 5.0.6 before the 5.6 upgrade.  If the kernel
environment has to be relinked to disallow it, well then it's not secure by
default, obviously.  My comments would then stand.

mark->
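
The following is an added example, not part of either poster's message. It asks the running system whether chown is restricted via the POSIX `pathconf` variable, and models the rule from the quoted man page text. The function names, the constructed uid/gid values, and the treatment of a 0 result as "not restricted" are assumptions of this example; the superuser is not modelled.

```python
import os

def chown_restricted(path):
    """Ask the OS whether chown is restricted for `path`.

    True: giving a file away needs privilege. False: the owner may give it
    away. None: this platform cannot answer."""
    try:
        value = os.pathconf(path, "PC_CHOWN_RESTRICTED")
    except (AttributeError, OSError, ValueError):
        return None
    # POSIX reports -1 when the restriction is not in force; 0 is treated
    # the same way here (assumption of this example).
    return value not in (-1, 0)

def may_chown(has_chown_priv, uid, egid, groups, file_uid, file_gid,
              new_uid, new_gid):
    """Decision rule from the quoted man page text (superuser not modelled)."""
    if file_uid != uid:
        return False              # both cases require initial ownership
    if new_uid != file_uid:
        return has_chown_priv     # changing the owner needs the privilege
    if new_gid == file_gid:
        return True               # nothing changes
    # Group change: free with the privilege, otherwise limited to the
    # caller's effective group or supplemental groups.
    return has_chown_priv or new_gid == egid or new_gid in groups

if __name__ == "__main__":
    print("chown restricted on /:", chown_restricted("/"))
    # Constructed caller and file, for illustration only.
    caller = dict(uid=1000, egid=100, groups={100, 50},
                  file_uid=1000, file_gid=100)
    for priv in (True, False):
        allowed = may_chown(priv, new_uid=1001, new_gid=100, **caller)
        print("chown privilege", priv, "-> give away to uid 1001:", allowed)
```

A result of False or None from `chown_restricted` on a given filesystem is the case to follow up, since it means the OS is not reporting that giving files away requires privilege.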

