[15881] in bugtraq
Re: strange thing appens on SCO
daemon@ATHENA.MIT.EDU (Jeremy Epstein)
Fri Jul 21 14:34:32 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <NDBBICMMIMLFAPJFOHEBOEGGCLAA.jepstein@webmethods.com>
Date: Thu, 20 Jul 2000 16:40:35 -0400
Reply-To: Jeremy Epstein <jepstein@WEBMETHODS.COM>
From: Jeremy Epstein <jepstein@WEBMETHODS.COM>
X-To: naif@inet.it
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.21.0007201331590.1652-100000@naif.inet.it>
Ahhh, ancient history.
On OSes derived from UNIX System V (including SCO), unprivileged users can
give away ownership of their files using the chown() system call (which is
exactly what "cp -p" does). When you give away ownership, it clears the
setuid and setgid bits (if either was set) to avoid the obvious security
risk. BSD-derived systems don't allow giving away file ownership unless
you're a privileged user.
This was described in the POSIX standard as an optional behavior, to allow
both the System V behavior that you described, as well as the BSD behavior
which is what Linux seems to implement.
In other words, this is a feature, not a bug :-)
--Jeremy (a UNIX programmer for almost a quarter of a century)
