Re: chown security problem

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chown security problem

From:	Dmitry V. Levin
Subject:	Re: chown security problem
Date:	Thu, 17 Feb 2005 17:32:59 +0300

Hi,

On Thu, Feb 17, 2005 at 10:58:28AM +0300, Kirill Korotaev wrote:
> I recently found that chown tries to keep SUID bit the same as it was 
> for previous user. I think it is totally wrong and unsecure!

This is no longer true.  According to coreutils ChangeLog,

2003-07-12  Jim Meyering  <address@hidden>
        * src/chown-core.c (change_file_owner): Do not restore any special
        permission bits (e.g., set-user-ID, set-group-ID) that are reset
        by chown(2) on some systems.  Suggestion and insistence :-) from
        Michael Stone.


-- 
ldv

pgpz7BwKJDifA.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

chown security problem, Kirill Korotaev, 2005/02/17
- Re: chown security problem, Dmitry V. Levin <=

Prev by Date: chown security problem
Next by Date: Replacements for regular shell builtins
Previous by thread: chown security problem
Next by thread: Replacements for regular shell builtins
Index(es):
- Date
- Thread