setperms on linux
Jean-Pierre A. Radley
appl at jpr.com
Thu Apr 13 12:47:21 PDT 2006
Mark Luljak propounded (on Thu, Apr 13, 2006 at 02:12:24AM -0400):
| On Wed, Apr 12, 2006 at 11:11:03PM -0400, J. P. Radley may or may not have
| proven themselves an utter git by pronouncing:
| > From the 'man chown' page on SCO OSR 6.0.0:
| >
| > Use of this utility is governed by the chown kernel privilege.
| > Restricted chown is required for NIST FIPS 151-1 conformance.
| >
| > If you have chown kernel privilege, you can change the owner and group
| > of files that you initially own. If you do not have chown privilege,
| > you cannot change the ownership of files; you can change their group,
| > but only if the files are initially owned by you, and the new group is
| > your effective group ID or is listed in your supplemental group list.
|
| Then I suggest you try it on Bob's machine, JP. That's where I was allowed
| to do it. Same when it was 5.0.6 before the 5.6 upgrade. If the kernel
| environment has to be relinked to disallow it, well then it's not secure by
| default, obviously. My comments would then stand.
No relinking involved; but the default set of privileges does include chown.
--
JP
==> http://www.frappr.com/cusm <==
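
The following is an added example, not part of the original thread or of any SCO code: a C sketch that models the non-root rules from the quoted 'man chown' text and asks a POSIX system whether restricted chown is in effect for a path. The struct chown_req and the functions chown_allowed and chown_restricted are hypothetical names; treating a request that changes nothing as allowed is an assumption.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical request record for this example; not an OS structure. */
struct chown_req {
    bool has_chown_priv;      /* caller holds the chown kernel privilege */
    uid_t caller_uid;         /* caller's user ID */
    gid_t caller_egid;        /* caller's effective group ID */
    const gid_t *supp;        /* caller's supplemental group list */
    size_t nsupp;
    uid_t file_uid, new_uid;  /* current and requested owner */
    gid_t file_gid, new_gid;  /* current and requested group */
};

static bool caller_in_group(const struct chown_req *r, gid_t g)
{
    if (g == r->caller_egid)
        return true;
    for (size_t i = 0; i < r->nsupp; i++)
        if (r->supp[i] == g)
            return true;
    return false;
}

/* Decision for a non-root caller, following the quoted man page text. */
bool chown_allowed(const struct chown_req *r)
{
    if (r->file_uid != r->caller_uid)
        return false;             /* only files the caller owns */
    if (r->has_chown_priv)
        return true;              /* may change owner and group */
    if (r->new_uid != r->file_uid)
        return false;             /* restricted: no giving files away */
    if (r->new_gid == r->file_gid)
        return true;              /* assumption: a no-op request passes */
    return caller_in_group(r, r->new_gid);
}

/* 1 = chown restricted for path, 0 = not restricted, -1 = lookup error. */
int chown_restricted(const char *path)
{
    errno = 0;
    if (pathconf(path, _PC_CHOWN_RESTRICTED) != -1)
        return 1;                 /* POSIX: any value but -1 means in effect */
    return errno ? -1 : 0;
}
```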