Mikkel L. Ellertson wrote:
> J. K. Cliburn wrote:
>> I'm seeing some file ownership behavior that concerns me. Near as I can
>> tell, a non-root user who's a member of a group can change ownership of
>> a file that's owned by another member of the same group, even if the
>> group perms for the file are read-only. I need to know if this is
>> expected behavior. I also saw the behavior today in SLES9, although I
>> need to verify the details more carefully tomorrow.
>>
>> On my Fedora machine I added my non-root self to group "users", then, as
>> root, created a directory with root:users ownership. I then added a
>> file inside that directory called "junk" with 644 perms and owned by
>> root:users. Next, as myself (non-root) I opened the file with vi and
>> was able to save changes to it. When I exit the file, it's no longer
>> owned by root: it's owned by my non-root account. Behold:
>
> If you look, you will probably find the original file, owned by
> root, renamed to junk~. What is going on is that when vi saves the
> file, it first renames the original file to <filename>~ and then
> saves the edited version as <filename>. Because the user had write
> permission to the directory, they could rename the original file,
> and save a new file with the original name. But it is owned by the
> user that saved the file.
>
> Mikkel

I don't think so. The ~ file isn't there, and the resulting file has
the same inode number as the one root owned.

[root@osprey test]# chown root:users junk
[root@osprey test]# ls -ali junk
3074181 -rw-r--r-- 1 root users 56 Jan 19 19:56 junk
[root@osprey test]#
[jcliburn@osprey test]$ vi junk
[jcliburn@osprey test]$ ls -ali
total 12
3074178 drwxrwx--- 2 root users 4096 Jan 19 19:57 .
2 drwxrwxrwx 12 root root 4096 Jan 19 19:01 ..
3074181 -rw-r--r-- 1 jcliburn jcliburn 80 Jan 19 19:57 junk
[jcliburn@osprey test]$
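
The directory-permission mechanism described in Mikkel's reply, as an added example that is not part of the original thread: an audit check for files that a permission class cannot write but can still swap out through the parent directory, plus the rename-and-recreate step itself. It goes slightly beyond the thread by also honouring the sticky bit; the function names are hypothetical and GNU coreutils `stat -c` is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils stat(1).

# replaceable_by FILE
# Prints the permission classes ("group", "other") that are denied write on
# FILE itself but can still rename/unlink it through the parent directory.
replaceable_by() {
    file=$1
    dir=$(dirname -- "$file")
    f=$((0$(stat -c '%a' -- "$file")))   # file mode, parsed as octal
    d=$((0$(stat -c '%a' -- "$dir")))    # directory mode, parsed as octal
    out=""
    # Sticky bit (01000): only the file owner, directory owner or root may
    # rename or unlink entries, so plain group/other members cannot swap it.
    if [ $((d & 01000)) -eq 0 ]; then
        # Replacing an entry needs write+search on the directory (w=2, x=1).
        if [ $((d & 0030)) -eq $((0030)) ] && [ $((f & 0020)) -eq 0 ]; then
            out="group"
        fi
        if [ $((d & 0003)) -eq $((0003)) ] && [ $((f & 0002)) -eq 0 ]; then
            out="${out:+$out }other"
        fi
    fi
    echo "${out:-none}"
}

# swap_in_place FILE TEXT
# Keeps the original as FILE~ and writes a new FILE, using only directory
# permissions; the new inode is owned by whoever runs this.
# Prints "old_inode new_inode".
swap_in_place() {
    old=$(stat -c '%i' -- "$1")
    mv -- "$1" "$1~"
    printf '%s\n' "$2" > "$1"
    echo "$old $(stat -c '%i' -- "$1")"
}

# Constructed demo in a scratch directory, mirroring the thread's layout
# (directory mode 770, file mode 644).
demo=$(mktemp -d)
chmod 770 "$demo"
echo original > "$demo/junk"
chmod 644 "$demo/junk"
echo "junk replaceable by: $(replaceable_by "$demo/junk")"
echo "inodes old/new: $(swap_in_place "$demo/junk" edited)"
rm -rf "$demo"
```

Because the original survives as `junk~`, the two inode numbers printed by `swap_in_place` always differ; setting the sticky bit on the shared directory (`chmod +t`) makes `replaceable_by` report `none`.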