Re: backwards recursive chowning

[Steven Augart]

I am unable to reproduce your problem.
 I've attached the output from my creating a tiny filesystem (with
/lib and /bin) and running "chown -R 3 .*" in the directory /home/you
on the filesystem.  Everything under /home was changed to belong to
the user "3", but nothing under the rest of the filesystem.

I suspect that perhaps you were in /home
instead of in /home/you when you ran chown, or perhaps you typed an extra
../?  I would be really surprised if you could reproduce this behavior
using any version of chown that made it into a Linux distribution, since
if "chown -R" were to follow ".." on its own, it would
mean that chown -R would always work on the entire filesystem.  If
you can reproduce it, please send the typescript to this list, because
that would be a serious problem.

---Steve Augart

Evan McNabb <address@hidden> Sent by: address@hidden 11/13/2003 10:51 AM

To:        address@hidden         cc:                 Subject:        Re: backwards recursive chowning

> > Last month I got a new laptop, installed
Linux, and "tweaked" my system
> > how I liked it. I copied over my personal files in my home directory
and
> > chowned them all to me.
>
> Hmm...  If they were your files to begin with, wouldn't they
have
> already been owned by you in the first place?  So maybe the chown
was
> not needed at all?  Just checking!

I had just installed my laptop for the first time
so I had to copy my
files (that I used to have on my old laptop) from a backup medium to my
new system.  Because I was still in the installation process, I did
the
initial copying of the files as root. I should have su'ed to my new user
to do the copying; I just didn't think about it.

> > Then I realized that my '.' files still
needed to be chowned so I
> > made the mistake of typing "chown -R emcnabb:users .*".
>
> Ah, yes, chowning '..' along with everything else.  The common
idiom
> has been these: .??*, .[!.]* and others.  It is shell dependent.

Yeah, I realized that is what I had to do right after
I did it. :-)

> This is what I imagine.
>
>   cd /home/you
>   chown -R you .*              
 # warning, matches ..., for the archive
>
> That should only have gotten to /home/* and not to the rest of your
> system.  So I am not sure how that would have damaged your system
as
> extensively as you describe.

Because is was -R it ended up backing up to / eventually
and from there
traversed every directory in / (such as /etc, /var, /usr, etc).

> Let me recommend that next time you copy the
files as you to begin
> with.  Then you will naturally own the files.  And not being
root
> would have protected your system from this.  Working as root
is like
> running with a long knife.  The edge can be sharp.

Yeah. After being a sys admin for a long time I've
learned the hard way.
:-) Once again, because I was still installing everything, I was running
most commands as root. I'll be better next time.

> > It turns out that lots of my friends have
done the same thing (so this
> > is a request from several people). Is there any possibility to
get all
> > the programs in coreutils (chown, chmod, chgrp, etc) to not have
> > backwards recursion (i.e.  that follow '..')?
>
> The problem is that this is not something that the commands know
> about.  Files are files and directories are directores and the
names
> don't mean anything.  Also the shell (e.g. /bin/bash) is doing
the
> expansion.  So the command does not have any idea that file globbing
> was involved.  This is actually an FAQ.  Check this out.
>
>   http://www.gnu.org/software/coreutils/faq/coreutils-faq.html
>
> Look for "globbing" and "echo" where this is described.
 It is not
> exactly this case but the rest of the description might be useful.

Well, it appears then that the shell is maybe the
area that any error
checking should go into. You're right about how the commands should be
generic and only do what they are told to.

> > I know rm doesn't do this any more, and
that has saved many people's
> > systems.
>
> Huh?  There isn't any special code in there.  But I did
see a very
> huge long debate in the standards list about whether it should
> specifically allow a system to implement such a check.  It would
be
> very difficult to do that in practice however.

Maybe bash is checking it. I commonly run 'rm -rf
.*' to remove all
dotfiles in a users home directory, and I've never had the backwards
traversing that has occurred with chown.

> In any case, it is unfortunate that you needed
to reinstall.  Glad you
> had not had too terribly much into the last installation.  Some
people
> never get the experience of why root can be a dangerous thing.  You
> can now tell them from personal experience.  Unfortunately most
> experience is measured by the toothmarks in your rear end.

:-) Well, I'm just hoping that the Linux experience
will be good for
newer users. I personally won't make this mistake again, so any changes
would be for benefiting others. There are times though that root does
need to chown directories (Alice gets a new account on a machine but
needs her old files chowned to her). It would be nice to have error
checking for the times that you do have to run commands as root. After
hearing what you've said, I think it is something on the shell end,
so maybe the bash people are the ones to talk to.

Thanks for your explanation and time!

-Evan

--
/********************************************************************\
Evan McNabb: <address@hidden> <address@hidden>
http://evan.mcnabbs.org
System Administrator, CS Department, BYU
GnuPG Fingerprint: 53B5 EDCA 5543 A27A E0E1 2B2F 6776 8F9C 6A35 6EA5
\********************************************************************/

_______________________________________________
Bug-coreutils mailing list
address@hidden
http://mail.gnu.org/mailman/listinfo/bug-coreutils


#### C.DTF has been removed from this note on November
14, 2003 by Steven Augart

chown-recurse2.log
Description: Binary data