Date: Mon, 22 Mar 2004 23:57:26 -0500 From: "Gerald S. Stoller" <gs_stoller@hotmail.com> To: freebsd-questions@FreeBSD.ORG Subject: The chown command Message-ID: <Sea1-F33EOBHkJZbK4D000092da@hotmail.com>
next in thread | raw e-mail | index | archive | help
In freeBSD 4.3 & 4.7 (& others), the chown command only works for root , for other users the command responds (if one actually tries to change the ownership) "chown: <file name>: Operation not permitted" where "<file name>" is the first file name in the argument-list. This command does work in a version of HP-UX (Hewlett-Packard UNIX ) that I used a few years ago (although it probably checks to make sure that certain properties don't violate security policy, and if any do it probably doesn't make the change [I have no access to such a system now so I can't check it]). I know that many systems act as freeBSD does, but I think that a better way of doing this is to allow the code to always change the ownership of the files except for changing the ownership to a user with root privileges (which can be checked in /etc/passwd ). This gives the system owner the flexibility to leave it this way, or to restrict this ability to root as it is now by seting chown's permissions to 500 , it is already owned by root. This is all that a single actual user (as most home systems are) system needs, but for a true multi-user system one may want to restrict the change to cases where the new owner and the current owner are members of one group (and the system administrater should be careful about adding users to the group wheel ). If the system has some groups that contain all users, we may want to allow them to be excluded from consideration, though we shouldn't worry about this now. I would like to push for such a change and wish others would join me; if anyone knows of any possible problems from this change, or has any objections to it, please let me know. _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfeeŽ Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Sea1-F33EOBHkJZbK4D000092da>