[183] in bugtraq


Re: chown, quotas and security

daemon@ATHENA.MIT.EDU (Neil Woods)
Sat Nov 5 22:56:48 1994

From: Neil Woods <neil@legless.demon.co.uk>
To: Jon Hamilton <hamilton@cs.iastate.edu>
Date: Sun, 6 Nov 1994 03:57:56 +0100 (GMT+0100)
Cc: bugtraq@fc.net
In-Reply-To: <199411060047.SAA20151@kickapoo.cs.iastate.edu> from "Jon Hamilton" at Nov 5, 94 06:47:06 pm

> I agree that cluttering up the kernel would be wrong, though, and would
> suggest either a setuid c wrapper around chown to check ownership
> or hacking chown to do the check and making it setuid, the former
> probably being preferable.
> 

I disagree, the kernel is the correct place - indeed svr4 has a kernel
config option, RSTCHOWN, to do precisely this.

The setuid wrapper would introduce a race condition, you'd need to write
your own version of chown using fchown, and be extremely careful checking
perms.

Neil

-- 
Bull in the Heather, Me and My Charms, The Lights, Sensual World, Go, Ritual,
Handsome and Gretel, Take Me, Blue Room, Drunken Butterfly, She's Lost Control.

        ...like a badger with an afro throwing sparklers at the Pope...
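
Added example, not part of the original message or of any real chown source: a sketch of the check a setuid wrapper would need so that the ownership test and the ownership change act on the same open file, rather than calling stat(path) and then chown(path) with a window in between. The name give_away, the regular-files-only rule and the /tmp sample file are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: hand `path` to new_uid/new_gid only if `caller`
 * (the invoking user's real uid) owns it. Returns 0, or -1 with errno set. */
int give_away(const char *path, uid_t caller, uid_t new_uid, gid_t new_gid)
{
    struct stat st;
    int saved;
    /* O_NOFOLLOW: refuse a symlink as the final path component.
     * O_NONBLOCK: do not hang if the path names a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat() describes the object held open, so the check here and the
     * fchown() below hit the same inode even if `path` is swapped meanwhile. */
    if (fstat(fd, &st) < 0)
        goto fail;
    if (!S_ISREG(st.st_mode) || st.st_uid != caller) { /* assumed policy */
        errno = EPERM;
        goto fail;
    }
    if (fchown(fd, new_uid, new_gid) < 0)
        goto fail;
    close(fd);
    return 0;
fail:
    saved = errno;
    close(fd);
    errno = saved;
    return -1;
}

int main(void)
{
    char path[] = "/tmp/chown_demo_XXXXXX"; /* constructed sample file */
    int fd = mkstemp(path);
    if (fd < 0)
        return 1;
    close(fd);
    /* Chowning a file to our own ids needs no privilege, so this runs as any user. */
    printf("owner: %d\n", give_away(path, getuid(), getuid(), getgid()));
    printf("non-owner: %d\n", give_away(path, getuid() + 1, getuid(), getgid()));
    unlink(path);
    return 0;
}
```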
