Hat Tip to Brian White

Jay Ashworth jra at baylink.com
Tue Mar 27 14:21:46 PDT 2012 

----- Original Message -----
> From: "Kenneth Brody" <kenbrody at spamcop.net>

> On 3/27/2012 4:51 PM, Jay Ashworth wrote:
> > Had to help an ex-coworker figure out why a client of theirs was having
> > "my users own the lockfiles" problems this morning, and an old list
> > posting of Brian's reminded me about the "setperms script does chmod +s
> > before chown" problem, which he found, fixed, and it solved their
> > problem.
> 
> I believe this was fixed a long time ago. What version of filePro do
> they have?

5.0.last-release-before-license-manager.  :-)

> > Hat tip also to Bill for the celestial list archives.
> >
> > Brian: did you ever actually confirm or deny that chown(1) should
> > reset the setuid/gid bits even when run by root?
> 
> I thought that only root could run chown? "man chown" includes:
> 
> > The ownership of a file may only be altered by a super-user for
> > obvious security reasons.

Quoting from http://www.unix.com/tips-tutorials/19060-unix-file-permissions.html:

"""
Originally, Unix allowed a file owner to give away a file. A file's owner could change the owner to someone else. There was no way for a non-root user to undo this operation. When Unix split into a Berkeley/AT&T versions, the USG (Unix Support Group, part of AT&T) versions of Unix tended to inherit this behavior. Meanwhile BSD (Berkeley Software Distribution, part of University of California, Berkeley) removed chown from non-root users. BSD had implemented disk quotas which could limit how much disk space a user could have in a filesystem. Naughty users could give away large files to sneek past the quotas.

Today, it is not easy to say if a non-root can chown a file. Many versions of Unix allow both behaviors. HP-UX has a setprivgroup facility that can control whether or not members of a particular group can invoke chown. Solaris has a global paramter rstchown which can be set to allow global chown. Setting this parameter also disables a change-group limitation described below (without affecting the SGID limitations described above). Recent Linux version have a CAP_CHOWN capability to control this feature. You will need to consult your documentation for other versions of Unix. And you will need to consult your System Administrator to see how your particular system is configured.

The default with most OS's is for chown to be restricted to root only. And there is a consensus that it should stay this way for security considerations. If a non-root user does change the owner of a file and any execute bit is on, the SUID and SGID bits must be cleared. This may or may not happen with root.
"""

which is pretty much how I understand it too.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274

More information about the Filepro-list mailing list