From owner-freebsd-hackers Tue Jan 28 09:50:33 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id JAA26983 for hackers-outgoing; Tue, 28 Jan 1997 09:50:33 -0800 (PST) Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.211]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id JAA26970 for ; Tue, 28 Jan 1997 09:50:29 -0800 (PST) Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id KAA08366; Tue, 28 Jan 1997 10:32:22 -0700 From: Terry Lambert Message-Id: <199701281732.KAA08366@phaeton.artisoft.com> Subject: Re: file locking / firewalling based on uid/gid To: peter@taronga.com (Peter da Silva) Date: Tue, 28 Jan 1997 10:32:22 -0700 (MST) Cc: hackers@freebsd.org In-Reply-To: <199701281404.IAA04275@bonkers.taronga.com> from "Peter da Silva" at Jan 28, 97 08:04:43 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > The only reason for disabling chown any more is for quotas, and quotas don't > work right anyway. I'd like to recommend going back to the USG semantics for > chown(). This is for giving files away to other users, right? There are a number of nasty exploits available via NFS doing this (you can get root on almost any old SGI system this way; check the CERT advisory log). Regards, Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.