From owner-freebsd-current Sun Aug 13 06:09:23 1995 Return-Path: current-owner Received: (from majordom@localhost) by freefall.FreeBSD.org (8.6.11/8.6.6) id GAA22077 for current-outgoing; Sun, 13 Aug 1995 06:09:23 -0700 Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id GAA22071 ; Sun, 13 Aug 1995 06:09:21 -0700 Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id PAA26342 ; Sun, 13 Aug 1995 15:09:19 +0200 Received: from (roberto@localhost) by blaise.ibp.fr (8.6.12/jtpda-5.0) id PAA28497 ; Sun, 13 Aug 1995 15:09:18 +0200 From: roberto@blaise.ibp.fr (Ollivier Robert) Message-Id: <199508131309.PAA28497@blaise.ibp.fr> Subject: Re: kern/679: chown(2) ignores set-user-id and set-group-id bits for root To: wosch@cs.tu-berlin.de Date: Sun, 13 Aug 1995 15:09:18 +0200 (MET DST) Cc: current@FreeBSD.org (Current's list FreeBSD), davidg@FreeBSD.org In-Reply-To: <199508130851.KAA00428@localhost> from "Wolfram Schneider" at Aug 13, 95 10:51:52 am X-Operating-System: FreeBSD 2.2-CURRENT ctm#880 X-Mailer: ELM [version 2.4 PL24] Content-Type: text Content-Length: 2626 Sender: current-owner@FreeBSD.org Precedence: bulk > That's all right and should not been changed. Unfortunately chown > does not clear set-user-id and set-group-id bits if you are root. > > $ touch Grunewald > $ chmod 4777 Grunewald > $ ls -lg Grunewald > -rwsrwxrwx 1 wosch wheel 0 Aug 13 10:38 Grunewald > > $ su root > # chown bin Grunewald > # ls -lg Grunewald > -rwsrwxrwx 1 bin wheel 0 Aug 13 10:38 Grunewald > ^ ^^^ > >Fix: I suggest the following patch (please review it David): PS: be gentle, it is my first attempt at kernel hacking :-) I can probably do the same thing without ovattr but it seems cleaner to do it that way as only modified fields are initialized in vattr. I didn't bothered to clear the sticky bit because I don't see it as a problem but it is easy to add it. It works here: 207 [15:03] roberto@keltia:/var/tmp> ll foo -r-sr-sr-x 1 roberto wheel 0 Aug 13 14:51 foo* 208 [15:03] roberto@keltia:~> ... Password: 209 [15:04] root@keltia:/var/tmp# chown bin foo 210 [15:04] root@keltia:/var/tmp# ll foo -r-xr-xr-x 1 bin wheel 0 Aug 13 14:51 foo* Index: vfs_syscalls.c =================================================================== RCS file: /spare/FreeBSD-current/src/sys/kern/vfs_syscalls.c,v retrieving revision 1.30 diff -u -r1.30 vfs_syscalls.c --- 1.30 1995/08/01 18:50:39 +++ vfs_syscalls.c 1995/08/13 12:09:43 @@ -1526,6 +1526,7 @@ int *retval; { register struct vnode *vp; + struct vattr ovattr; struct vattr vattr; int error; struct nameidata nd; @@ -1540,9 +1541,15 @@ if (vp->v_mount->mnt_flag & MNT_RDONLY) error = EROFS; else { + error = VOP_GETATTR(vp, &ovattr, p->p_ucred, p); + if (error) { + vput(vp); + return (error); + } VATTR_NULL(&vattr); vattr.va_uid = uap->uid; vattr.va_gid = uap->gid; + vattr.va_mode = ovattr.va_mode & ~(VSUID | VSGID); error = VOP_SETATTR(vp, &vattr, p->p_ucred, p); } vput(vp); @@ -1564,6 +1571,7 @@ register struct fchown_args *uap; int *retval; { + struct vattr ovattr; struct vattr vattr; struct vnode *vp; struct file *fp; @@ -1578,9 +1586,15 @@ if (vp->v_mount->mnt_flag & MNT_RDONLY) error = EROFS; else { + error = VOP_GETATTR(vp, &ovattr, p->p_ucred, p); + if (error) { + VOP_UNLOCK(vp); + return (error); + } VATTR_NULL(&vattr); vattr.va_uid = uap->uid; vattr.va_gid = uap->gid; + vattr.va_mode = ovattr.va_mode & ~(VSUID | VSGID); error = VOP_SETATTR(vp, &vattr, p->p_ucred, p); } VOP_UNLOCK(vp); -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@FreeBSD.ORG FreeBSD 2.2-CURRENT #5: Fri Jul 14 12:28:04 MET DST 1995