chgrp becomes very confused about who you are if you are root
Ray Moody
ray at maxwell.physics.purdue.edu
Wed Nov 9 12:36:51 AEST 1988
Index: bin/chgrp 4.3BSD
Description:
Chgrp becomes confused about who you are if you are root when you
recursively change the gid of a directory and all of its files. It
compares the owner of the file with the owner of the *enclosing
directory* to determine if it is O.K. to change the file.
(Also, I think it would be a pretty good idea to install /bin/chgrp )
(with the setuid bit turned off. Chgrp hasn't needed to have this )
(bit turned on since the days of PDP's and there are security issues.)
Repeat-By:
Script started on Tue Nov 8 21:20:38 1988
maxwell /tmp/ray 1 # mkdir dir
maxwell /tmp/ray 2 # touch dir/file
maxwell /tmp/ray 3 # chown ray dir
maxwell /tmp/ray 4 # chgrp -R ray dir
chgrp: You are not the owner of file <- But I am root!!!
maxwell /tmp/ray 5 #
Fix:
RCS file: /usr/src/bin/chgrp.c,v
retrieving revision 5.7
retrieving revision 5.7.1.1
diff -c -r5.7 -r5.7.1.1
*** /tmp/,RCSt1021724 Tue Nov 8 21:32:28 1988
--- /tmp/,RCSt2021724 Tue Nov 8 21:32:29 1988
***************
*** 93,99
continue;
}
if (rflag && ((stbuf.st_mode & S_IFMT) == S_IFDIR)) {
! status += chownr(argv[c], stbuf.st_uid, gid);
continue;
}
if (chown(argv[c], -1, gid)) {
--- 93,99 -----
continue;
}
if (rflag && ((stbuf.st_mode & S_IFMT) == S_IFDIR)) {
! status += chownr(argv[c], uid, gid);
continue;
}
if (chown(argv[c], -1, gid)) {
***************
*** 155,161
continue;
}
if ((st.st_mode & S_IFMT) == S_IFDIR) {
! ecode = chownr(dp->d_name, st.st_uid, gid);
if (ecode)
break;
continue;
--- 155,161 -----
continue;
}
if ((st.st_mode & S_IFMT) == S_IFDIR) {
! ecode = chownr(dp->d_name, uid, gid);
if (ecode)
break;
continue;
--
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list