From owner-freebsd-questions Tue Mar 28 8:56: 9 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from kestrel.prod.itd.earthlink.net (kestrel.prod.itd.earthlink.net [207.217.121.155])
    by hub.freebsd.org (Postfix) with ESMTP id 7B60937C021
    for ; Tue, 28 Mar 2000 08:55:59 -0800 (PST)
    (envelope-from bduk@arthlink.net)
Received: from arthlink.net (sdn-ar-005orportP106.dialsprint.net [63.178.66.66])
    by kestrel.prod.itd.earthlink.net (8.9.3/8.9.3) with ESMTP id IAA07200;
    Tue, 28 Mar 2000 08:47:22 -0800 (PST)
Received: (from bduk@localhost)
    by arthlink.net (8.9.3/8.9.3) id GAA38893;
    Tue, 28 Mar 2000 06:05:05 -0800 (PST)
    (envelope-from bduk)
Date: Tue, 28 Mar 2000 06:05:05 -0800 (PST)
Message-Id: <200003281405.GAA38893@arthlink.net>
From: Derrick Baumer
To: tms2@mail.ptd.net
Cc: freebsd-questions@FreeBSD.ORG
In-reply-to: <38E07D91.8D91BFB8@mail.ptd.net> (tms2@mail.ptd.net)
Subject: Re: strange behaviour of chown(due to my lameness probably)
Reply-To: bduk@earthlink.net
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> From: "Thomas M. Sommers"
>
> Ariel Burbaickij wrote:
> >
> > Wait. Even the files that are owned by user who intend to change its
> > ownership? Effectively, giving ownership to someone other over?
>
> Yes. Suppose I am evil and want to delete all of your files. Normally I
> could not do it, because you are careful and allow only yourself to
> write your files (the permissions are, for example: -rw-r--r--). But if
> I could give you ownership of a file, I could create a shell program
> with the line 'rm -r ~you/*', make it setuid and executable, and give
> you ownership of it. Then if I run it, it will run with your uid, and
> will happily delete all of your files.
>
> To prevent this and similar security breaches, only root can change file
> ownership.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

Just out of curiosity, why not just have the system check on
setuid/setgid? Seems you *ought* to be able to give your files away if
that example is the only security breach that would be involved - you'd
just have to have a secure system for setuid modifications.

Another thought is that if you give ownership of the file to someone
else, you would not be able to take it back, and that could,
theoretically, become troublesome if the other person decided they
didn't want the file. They could decide to be difficult and leave the
40Meg file you just gave them in your home directory and you'd never be
able to get rid of it without asking Mr. Root to help.

Honestly, though, why not just have the other user make a copy of the
file in question? chmod 644 so they can read it and when they make their
own copy of the file it would be under their permissions.

-- 
Derrick Baumer
bduk@earthlink.net

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message