From owner-freebsd-current Sun Aug 13 07:07:18 1995
Return-Path: current-owner
Received: (from majordom@localhost) by freefall.FreeBSD.org (8.6.11/8.6.6) id HAA23286 for current-outgoing; Sun, 13 Aug 1995 07:07:18 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.34]) by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id HAA23279 ; Sun, 13 Aug 1995 07:06:48 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id AAA29370; Mon, 14 Aug 1995 00:04:26 +1000
Date: Mon, 14 Aug 1995 00:04:26 +1000
From: Bruce Evans
Message-Id: <199508131404.AAA29370@godzilla.zeta.org.au>
To: roberto@blaise.ibp.fr, wosch@cs.tu-berlin.de
Subject: Re: kern/679: chown(2) ignores set-user-id and set-group-id bits for root
Cc: current@FreeBSD.org, davidg@FreeBSD.org
Sender: current-owner@FreeBSD.org
Precedence: bulk

>> That's all right and should not be changed. Unfortunately chown
>> does not clear set-user-id and set-group-id bits if you are root.

The POSIX behaviour is: set*id bits shall be cleared for non-root; it is implementation-defined whether they are cleared for root. I think 4.4lite doesn't clear them for root because this is the traditional behaviour.

>I suggest the following patch (please review it David):

This isn't quite right.

1. It changes the mode(s) when the ownership change(s) are null. (This is actually a bug fix. ufs_chown() optimizes null changes to have no visible effect, but POSIX requires clearing the mode bits whenever chown() is successful (for non-root of course; we can implement TRT for root). Urk. There are a lot of bugs here. POSIX also requires marking the ctime for update whenever chmod() is successful.)

2. It might change the mode when the chown() fails. (Actually it probably wouldn't, because ufs_setattr() happens to check for ownership changes before it checks for permissions changes. ufs_setattr() normally only changes a single attribute.)

Anyway, it would be easier to remove the (cred->cr_*id != 0) checks from the end of xxfs_chown() for each xxfs that supports POSIX chown() and attributes - currently only ufs (?).

Bruce
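
A probe for the behaviour discussed in the message above, added here as an example (it is not code from the message or from FreeBSD): it applies a null ownership change to a scratch file carrying set-user-id and set-group-id bits and reports whether the running system clears them for the current caller. The function names, the `struct probe` type and the scratch path are assumptions of this example; run it as both root and non-root to compare the two cases.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* mkstemp(), fchmod(), fchown() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Mode bits seen before and after one fchown(); rc is -1 if any step failed. */
struct probe { mode_t before, after; int rc; };

/* Create a scratch file with set*id bits, apply a null ownership change and
 * record the mode on both sides of the call.
 * use_minus_one == 0: pass the file's current uid/gid explicitly.
 * use_minus_one != 0: pass -1/-1 ("leave unchanged"). */
static struct probe probe_null_chown(int use_minus_one)
{
    struct probe p = { 0, 0, -1 };
    struct stat st;
    char path[] = "/tmp/chown-probe-XXXXXX";   /* constructed scratch name */
    int fd = mkstemp(path);

    if (fd < 0)
        return p;
    if (fchmod(fd, S_ISUID | S_ISGID | 0755) == 0 && fstat(fd, &st) == 0) {
        p.before = st.st_mode & 07777;
        uid_t uid = use_minus_one ? (uid_t)-1 : st.st_uid;
        gid_t gid = use_minus_one ? (gid_t)-1 : st.st_gid;
        if (fchown(fd, uid, gid) == 0 && fstat(fd, &st) == 0) {
            p.after = st.st_mode & 07777;
            p.rc = 0;
        }
    }
    close(fd);
    unlink(path);
    return p;
}

/* 1 if the call succeeded and left neither set*id bit behind. */
static int setid_cleared(struct probe p)
{
    return p.rc == 0 && (p.after & (S_ISUID | S_ISGID)) == 0;
}

int main(void)
{
    for (int v = 0; v < 2; v++) {
        struct probe p = probe_null_chown(v);
        printf("euid=%ld %s: mode %04o -> %04o, set*id %s\n", (long)geteuid(),
               v ? "chown(-1,-1)" : "chown(same ids)", (unsigned)p.before,
               (unsigned)p.after, setid_cleared(p) ? "cleared" : "kept");
    }
    return 0;
}
```
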