[185] in bugtraq
Re: chown, quotas and security
daemon@ATHENA.MIT.EDU (der Mouse)
Sun Nov 6 09:18:06 1994
Date: Sun, 6 Nov 1994 08:08:11 -0500
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
To: bugtraq@fc.net
>>>> [...make chown setuid-root...]
>>> Only in a very trusting environment, where you don't mind if users
>>> chown files they dont own to themselves....
>> Of course you'd wrap it up or write your own little chown utility
>> before you made it suid :)
> You'd introduce a race condition with a wrapper. If you wrote your
> own chown command, you could do it securely, using fchown..
But that would work only for things for which open() performs no
nontrivial operations; in particular, you couldn't use it to chown
device special files (probably not too much of a problem) or named
pipes (perhaps more of a problem) or UNIX-domain sockets (because they
can't be open()ed at all).
The more I think about this, the more I think it has to be in the
kernel if you want it at all. Or else you just have to live with the
race condition, which in the case of chown is probably not very severe.
der Mouse
mouse@collatz.mcrcim.mcgill.edu
