Re: chgrp resets the setuid and getgid bits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 25Jul2006 22:30, Ben Stringer <ben@xxxxxxxxxxx> wrote:
| On Tue, 2006-07-25 at 14:43 +0300, Markku Kolkka wrote:
| > Ben Stringer kirjoitti viestiss??n (l?hetysaika tiistai, 25. 
| > hein?kuuta 2006 12:44):
| > > I observed this today on an RHEL4 system, and it applies to
| > > Fedora also. I don't understand why this occurs - is it a
| > > security feature?
| > 
| > It behaves as defined in the Single Unix Specification: 
| > http://www.opengroup.org/onlinepubs/009695399/utilities/chgrp.html
| > "Unless chgrp is invoked by a process with appropriate 
| > privileges, the set-user-ID and set-group-ID bits of a regular 
| > file shall be cleared upon successful completion; the 
| > set-user-ID and set-group-ID bits of other file types may be 
| > cleared."
| 
| Thanks for the references Markku.
| 
| In the example I gave, I created the file as root, then performed the
| chgrp as root. root was a member of both of the groups I used in the
| example. In what way was this example not "a process with appropriate
| privileges"?

Probably in the way that Linux is not totally POSIX compliant, or
possibly that it is compliant to not have such a privilege.
-- 
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
http://www.cskk.ezoshosting.com/cs/

The code was willing,
It considered your request,
But the chips were weak.
- Haiku Error Messages http://www.salonmagazine.com/21st/chal/1998/02/10chal2.html


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux