Date: Sun, 13 Aug 1995 10:51:52 +0200
From: Wolfram Schneider <wosch@cs.tu-berlin.de>
To: FreeBSD-gnats-submit@freebsd.org
Subject: kern/679: chown(2) ignores set-user-id and set-group-id bits for root
Message-ID: <199508130851.KAA00428@localhost>
Resent-Message-ID: <199508130910.CAA17476@freefall.FreeBSD.org>

>Number:         679
>Category:       kern
>Synopsis:       chown(2) ignores set-user-id and set-group-id bits for root
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 13 02:10:01 PDT 1995
>Last-Modified:
>Originator:     Wolfram Schneider
>Organization:
>Release:        FreeBSD 2.0-ALPHA i386
>Environment:
>Description:

from chown(2) manpage:

     [...]
     but the change owner capability is restricted to the super-user.
     Chown() clears the set-user-id and set-group-id bits on the file to
     prevent accidental or mischievous creation of set-user-id and
     set-group-id programs.

That's all right and should not be changed.

Unfortunately chown does not clear set-user-id and set-group-id bits
if you are root.

>How-To-Repeat:

$ touch Grunewald
$ chmod 4777 Grunewald
$ ls -lg Grunewald
-rwsrwxrwx 1 wosch wheel 0 Aug 13 10:38 Grunewald
$ su root
$ su root
# chown bin Grunewald
# ls -lg Grunewald
-rwsrwxrwx 1 bin wheel 0 Aug 13 10:38 Grunewald
   ^         ^^^

>Fix:
>Audit-Trail:
>Unformatted:
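
A regression probe for the behaviour reported above, added here as an example; it is not part of the original report or of FreeBSD's code. The helper name `setid_bits_after_chown` and the scratch path are assumptions; the probe works on an already-unlinked temporary file so no set-id file is left on disk.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* expose mkstemp/fchmod/fchown under strict -std */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Hypothetical helper: hand a set-id scratch file to new_uid/new_gid and
 * return the S_ISUID/S_ISGID bits that survive, or -1 if the probe could
 * not run. 0 means chown cleared them, as the quoted manpage describes.
 */
int setid_bits_after_chown(uid_t new_uid, gid_t new_gid)
{
    char path[] = "/tmp/chown-probe-XXXXXX";  /* constructed scratch name */
    struct stat st;
    int bits = -1;
    int fd = mkstemp(path);

    if (fd < 0)
        return -1;
    unlink(path);  /* work through the descriptor; nothing stays on disk */

    if (fchmod(fd, S_ISUID | S_ISGID | 0755) == 0 &&
        fstat(fd, &st) == 0 && (st.st_mode & S_ISUID) &&  /* bit really set? */
        fchown(fd, new_uid, new_gid) == 0 &&
        fstat(fd, &st) == 0)
        bits = (int)(st.st_mode & (S_ISUID | S_ISGID));

    close(fd);
    return bits;
}

int main(int argc, char **argv)
{
    /* Optional argv[1]: numeric uid to give the file to (needs root). */
    uid_t uid = argc > 1 ? (uid_t)strtoul(argv[1], NULL, 10) : getuid();
    int bits = setid_bits_after_chown(uid, getgid());

    if (bits < 0) {
        fprintf(stderr, "probe could not run (temp file, chmod or chown failed)\n");
        return 2;
    }
    printf("euid=%ld new owner=%ld set-id bits after chown: %04o (%s)\n",
           (long)geteuid(), (long)uid, (unsigned)bits,
           bits ? "RETAINED" : "cleared");
    return bits ? 1 : 0;
}
```

To exercise the case in the report, run it as root with the numeric uid of another account as the argument; a non-zero bit mask in the output means the bits survived the ownership change.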